JDK Tutorials - Herong's Tutorial Examples

∟The SSL (Secure Socket Layer) Protocol

∟SslSocketTest.java - Default SSL Socket Factory Test

This section provides a tutorial example on how to write a simple program to test the SSLSocketFactory class and the SSLServerSocketFactory class.

The following sample program shows you how to create default SSL socket factories:

/* SslSocketTest.java
 * Copyright (c) HerongYang.com. All Rights Reserved.
 */
import java.io.*;
import java.net.*;
import java.security.*;
import javax.net.*;
import javax.net.ssl.*;
public class SslSocketTest {
   public static void main(String[] args) {
      PrintStream out = System.out;
      out.println("\nDefault SSL socket factory:");
      try {
         // Generating the default SSLServerSocketFactory
         SSLServerSocketFactory ssf = (SSLServerSocketFactory)
            SSLServerSocketFactory.getDefault();
         System.out.println("\nSSLServerSocketFactory class: "
            +ssf.getClass());
         String[] dcsList = ssf.getDefaultCipherSuites();
         out.println("   Default cipher suites:");
         for (int i=0; i<dcsList.length; i++) {
            out.println("      "+dcsList[i]);
         }

         // Generating SSLServerSocket
         SSLServerSocket ss
            = (SSLServerSocket) ssf.createServerSocket();
         System.out.println("\nSSLServerSocket class: "
            +ss.getClass());
         System.out.println("   String: "+ss.toString());

         // Generating the default SSLSocketFactory
         SSLSocketFactory sf =
            (SSLSocketFactory) SSLSocketFactory.getDefault();
         out.println("\nSSLSocketFactory class: "
            +sf.getClass());
         dcsList = sf.getDefaultCipherSuites();
         out.println("   Default cipher suites:");
         for (int i=0; i<dcsList.length; i++) {
            out.println("      "+dcsList[i]);
         }

         // Generating SSLSocket
         SSLSocket s
            = (SSLSocket) sf.createSocket();
         System.out.println("\nSSLSocket class: "+s.getClass());
         System.out.println("   String: "+s.toString());
      } catch (Exception e) {
         e.printStackTrace();
      }
   }
}

If you run this program, you will get something like:

herong> java SslSocketTest.java

Default SSL socket factory:

SSLServerSocketFactory class:
   class sun.security.ssl.SSLServerSocketFactoryImpl
   Default cipher suites:
      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
      TLS_RSA_WITH_AES_256_GCM_SHA384
      TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
      TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
      TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
      TLS_RSA_WITH_AES_128_GCM_SHA256
      TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
      TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
      TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
      TLS_RSA_WITH_AES_256_CBC_SHA256
      TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
      TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
      TLS_RSA_WITH_AES_256_CBC_SHA
      TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
      TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
      TLS_DHE_RSA_WITH_AES_256_CBC_SHA
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
      TLS_RSA_WITH_AES_128_CBC_SHA256
      TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
      TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
      TLS_RSA_WITH_AES_128_CBC_SHA
      TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
      TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA
      TLS_EMPTY_RENEGOTIATION_INFO_SCSV

SSLServerSocket class: class sun.security.ssl.SSLServerSocketImpl
   String: [SSL: ServerSocket[unbound]]

SSLSocketFactory class: class sun.security.ssl.SSLSocketFactoryImpl
   Default cipher suites:
      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
      TLS_RSA_WITH_AES_256_GCM_SHA384
      TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
      TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
      TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
      TLS_RSA_WITH_AES_128_GCM_SHA256
      TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
      TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
      TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
      TLS_RSA_WITH_AES_256_CBC_SHA256
      TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
      TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
      TLS_RSA_WITH_AES_256_CBC_SHA
      TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
      TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
      TLS_DHE_RSA_WITH_AES_256_CBC_SHA
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
      TLS_RSA_WITH_AES_128_CBC_SHA256
      TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
      TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
      TLS_RSA_WITH_AES_128_CBC_SHA
      TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
      TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA
      TLS_EMPTY_RENEGOTIATION_INFO_SCSV

SSLSocket class: class sun.security.ssl.SSLSocketImpl
   String: 32eebfca[SSL_NULL_WITH_NULL_NULL: Socket[unconnected]]

Note that JSSE does support a number of cipher suites for the SSL record protocol.

Table of Contents

 About This JDK Tutorial Book

 JDK (Java Development Kit)

 Java Date-Time API

 Date, Time and Calendar Classes

 Date and Time Object and String Conversion

 Number Object and Numeric String Conversion

 Locales, Localization Methods and Resource Bundles

 Calling and Importing Classes Defined in Unnamed Packages

 HashSet, Vector, HashMap and Collection Classes

 Character Set Encoding Classes and Methods

 Character Set Encoding Maps

 Encoding Conversion Programs for Encoded Text Files

 Java Logging

 Socket Network Communication

 Datagram Network Communication

 DOM (Document Object Model) - API for XML Files

 SAX (Simple API for XML)

 DTD (Document Type Definition) - XML Validation

 XSD (XML Schema Definition) - XML Validation

 XSL (Extensible Stylesheet Language)

 Message Digest Algorithm Implementations in JDK

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Digital Signature Algorithm and Sample Program

 "keytool" Commands and "keystore" Files

 KeyStore and Certificate Classes

 Secret Key Generation and Management

 Cipher - Encryption and Decryption

►The SSL (Secure Socket Layer) Protocol

 What Is SSL (Secure Socket Layer)?

 SSL Specification Overview

 JSSE - Java Implementation of SSL and TLS

►SslSocketTest.java - Default SSL Socket Factory Test

 SslContextTest.java - javax.net.ssl.SSLContext Class Test

 Initializing SSLContext with PKCS12 File

 SSL Socket Communication Testing Programs

 SSL Client Authentication

 HTTPS (Hypertext Transfer Protocol Secure)

 Outdated Tutorials

 References

 Full Version in PDF/EPUB

SslSocketTest.java - Default SSL Socket Factory Test - Updated in 2024, by Herong Yang