I am trying to establish an SSL or TLS connection between a Java client and server I am setting up.
I have been using SSLContext.getInstance("SSL")
to build the SSLContext
, and it worked.
I would like to know what the purpose of the protocol
parameter is in SSLContext.getInstance(String protocol)
.
In particular, what changes between using SSLContext.getInstance("SSL")
and SSLContext.getInstance("TLS")
, or other possible values?
Transport Layer Security (TLS) is the successor protocol to SSL. TLS is an improved version of SSL. It works in much the same way as the SSL, using encryption to protect the transfer of data and information. The two terms are often used interchangeably in the industry although SSL is still widely used.
TLDR: SSL/TLS encrypts communications between a client and server, primarily web browsers and web sites/applications. SSL (Secure Sockets Layer) encryption, and its more modern and secure replacement, TLS (Transport Layer Security) encryption, protect data sent over the internet or a computer network.
There are two properties that a Java™ client application can use to specify the TLS version of the SSL/TLS handshake. The jdk. tls. server.
Here is a rather detailed answer that I wrote a while back describing the difference between SSL and TLS. In short, TLS is the successor of SSL, and TLS 1.0 can be considered as "SSL 3.1".
If you look at the JSSE Reference Guide, in the SSLContext section, it says:
These static methods each return an instance that implements at least the requested secure socket protocol. The returned instance may implement other protocols too. For example, getInstance("TLSv1") may return a instance which implements "TLSv1", "TLSv1.1" and "TLSv1.2".
This is also mentioned in the Standard Names document.
In particular, if you check the Oracle/OpenJDK 7 source code for SSLContextImpl, you'll find that all its SSLContext
s support all protocols (from SSLv3 using an SSLv2 Client Hello to TLS 1.2). What differs is which protocols are enabled by default. In addition, you shouldn't rely on this in general, since other Java implementations (e.g. the IBM JRE) could behave differently.
If you want a particular set of protocols to be used for a connection, you should use SSLSocket
or SSLEngine
's setEnabledProtocols
method. Otherwise, it will use the default values, as described in the Providers documentation.
Protocol is used for communicating between server and client. So SSLContext(String protocol)
returns the instance of the protocol and then using that server or client communicate with each other for security level.
For more ref refer this link. http://www.herongyang.com/JDK/SSL-java-net-ssl-SSLContext-Class-Test.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With