Java - SSL server creation

Question

I'm not experienced at all using SSL. I created a very simple client server and can successfully both send and retrieve files from the server with my client. I generated a keystore with a self-signed X509 certificate via keytool command line and stored it in my server directory.

I'm a little confused though, since I initially created my server using http://stilius.net/java/java_ssl.php as a guide but couldn't get it to work, I was using

System.setProperty("javax.net.ssl.keyStore", jksFilepath);
System.setProperty("javax.net.ssl.keyStorePassword", jkspass);

to link my keystore with the server. Whenever I tried to retrieve a file I would get Java SSLHandshakeException “no cipher suites in common”.

However when I now use code identical to: http://www.java2s.com/Tutorial/Java/0490__Security/SSLContextandKeymanager.htm to setup my server, it works perfectly fine.

Also, the second guide just uses a ServerSocket and not an SSLSocket - which should I be using? Switching between both doesn't seem to change anything when I run the server and retrieve a file.

Check the second link. It is broken http://www.java2s.com/Tutorial/Java/0490__Security/SSLContextandKeymanager.htm — pedrofb, May 25 '16 at 18:10
Second example creates an `SSLServerSockst`, but stores it into a `ServerSocket` variable. Doesn't matter unless you need to call an `SSLServerSocket` method. — user207421, May 25 '16 at 18:44

score 0 · Answer 1 · edited May 23 '17 at 12:15

Check this Java SSLHandshakeException "no cipher suites in common" for a possible duplicate of your issue

In the second example link the SSLContext and KeyManager are inited. In the first example they are not. If you want your keystore to be used as a keystore, you'll need to load it and initialise a KeyManagerFactory with it:

This is the code of the second example. SSLContext is inited with KeyManagers

context = SSLContext.getInstance("TLS");
kmf = KeyManagerFactory.getInstance("SunX509");
FileInputStream fin = new FileInputStream(storename);
ks = KeyStore.getInstance("JKS");
ks.load(fin, storepass);
context.init(kmf.getKeyManagers(), null, null);

In the first example is created a default SSLSocketFactory

SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();

SSLSocketFactory.getDefault() invokes SSLContext.getDefault() which creates the default context (without the parameters you need)

Java - SSL server creation

1 Answers1