Is there any method to directly load a certificate & private key to SSLServerSocket (Java) programmatically?

Question

I am from a 'C' background. I am trying to analyze how to write a Java SSL Server.

So, far the examples I found talk about loading certificate and private to a Key Store and the programmatically associating the KeyStore to SSLContext and then create a SSLServerSocket from the same.

But, are there any methods for directly mentioning which certificate the SSLServerSocket should use? Also, even if I use keystore and if there are multiple certificates and keys how can I specify to SSLServerSocket which one it should use?

Any sample link will be helpful.

See: http://stackoverflow.com/questions/1788031 – Thor Jun 16 '11 at 16:06 — Thor, Jun 16 '11 at 16:06

score 2 · Accepted Answer · edited May 23 '17 at 11:51

As I was saying in a comment, in an answer to one of your questions earlier, you'll need to use a KeyManager to do this.

There are various ways of doing this. jSSLutils is a library that can make it a bit more convenient (but you could also do it more manually). There's an example with the FixedServerAliasKeyManager. One of the shortest ways to do it would be to use something like this:

X509SSLContextFactory sslContextFactory = new X509SSLContextFactory();
// By default, this would use the keystore passed with the usual system properties.

sslContextFactory.setKeyManagerWrapper(
    new FixedServerAliasKeyManager.Wrapper("the-alias-you-want"));
// You could read the alias name from a custom system property, for example.

SSLContext sslContext = sslContextFactory.buildSSLContext("TLS");
SSLServerSocketFactory sslServerSocketFactory = sslContext.getServerSocketFactory();

Is there any method to directly load a certificate & private key to SSLServerSocket (Java) programmatically?

1 Answers1