SSL Socket connection

java android sockets ssl client-server
56,675

You need a certificate to establish an ssl connection, you can load the certificate inside a keystore or you can load the certificate itself. I will show some examples for the keystore option.

Your code needs some parameters to run :

java -Djavax.net.ssl.keyStore=keyStoreFile -Djavax.net.ssl.keyStorePassword=keystorePassword Server

You can also load the keystore with java code , the simplest solution for this is to set the system properties:

System.setProperty("javax.net.ssl.keyStore", 'keystoreFile');
System.setProperty("javax.net.ssl.keyStorePassword", 'keystorePassword ');

Also you can load the keystore with a different way, its more complicated but you have the ability to do more complex things : 

KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream("keystoreFile"), "keystorePassword".toCharArray());

KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
kmf.init(ks, "keystorePassword".toCharArray());

TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509"); 
tmf.init(ks);

SSLContext sc = SSLContext.getInstance("TLS"); 
TrustManager[] trustManagers = tmf.getTrustManagers(); 
sc.init(kmf.getKeyManagers(), trustManagers, null); 

SSLServerSocketFactory ssf = sc.getServerSocketFactory(); 
SSLServerSocket s = (SSLServerSocket) ssf.createServerSocket(serverport);
SSLSocket c = (SSLSocket) s.accept();

For the clients there are a few changes in the code last lines, the 3 last lines will be replaced with these : 

SSLSocketFactory ssf = sc.getSocketFactory(); 
SSLSocket s = (SSLSocket) ssf.createSocket(serverip, serverport);
s.startHandshake();

If you want to load a keystore for android the type will have to be "BKS" and not "JKS". You can find easily resources for creating a keystore.

Share:
56,675

Related videos on Youtube

Victor
Author by

Victor

I had worked as a Backend Software Engineer since 2007, mostly working with Java and C/C++.

Updated on February 27, 2020

Comments

  • Victor
    Victor over 4 years

    How can I create a SSL Socket connection?

    I realy need to create a keystore? This keystore should be shared with all my client applications?

    I have create a server with the following code: 

    SSLServerSocketFactory sslserversocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory
                    .getDefault();
SSLServerSocket sslserversocket = (SSLServerSocket) sslserversocketfactory
                    .createServerSocket(ServerProperties.getInstance()
                            .getVSSPAuthenticationPort());

    I have create a client on android with the following code: 

    SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory
                .getDefault();
SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(
                host, authPort);

sslsocket.startHandshake();

BufferedWriter writer = new BufferedWriter(new OutputStreamWriter(
                sslsocket.getOutputStream()));
BufferedReader reader = new BufferedReader(new InputStreamReader(
                sslsocket.getInputStream()));

    But when I try to connect, the following error is throwed:

    javax.net.ssl.SSLHandshakeException: no cipher suites in common
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:266)
    at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:894)
    at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:622)
    at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:167)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
  • user207421
    user207421 almost 11 years
    You only need a certificate to establish an SSL connection if the server you are connecting to require it. Ditto a keystore.
  • VGe0rge
    VGe0rge almost 11 years
    Are you saying that the certificate is optional ?
  • user207421
    user207421 almost 11 years
    I said you only need it if the server requires it. I wouldn't describe that as 'optional': more configuration-dependent.
  • VGe0rge
    VGe0rge almost 11 years
    You are talking about the user certificate and of course your are right! I am not on the other hand, this was my misunderstanding ;)
  • user207421
    user207421 almost 10 years
    There is no evidence here that the server doesn't have a certificate.
  • SGuru
    SGuru about 6 years
    @VGe0rge why do you have TrustManager on the server side? Shouldn't this be on client side?
  • Cukic0d
    Cukic0d about 5 years
    I followed gpotter2.github.io/tutos/en/sslsockets : there's some help on how to build the certificates then a few util classes. It also explains how to make it work on Android

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Android Socket (Client - Server)
How to create a secure SSL connection between Android client and Java server?
java.net.SocketException: sendto failed: EPIPE (Broken pipe) on Android
Why does the Java SSL socket connection fail hard if server does not support SSLv3
android tcp/ip socket won't send data to computer
SSL Connection timeout and read timeouts
screen mirroring in android
How to override the cipherlist sent to the server by Android when using HttpsURLConnection?
Convert a String of bytes into ASCII
Android Client / Server on TLS v1.2