Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
The title says it.
If I try to bind a ServerSocket and a SSLServerSocket to the same port I get an error. If a client tries to connect to an SSLServerSocket without SSL, the accept() method throws an error. If a client tries to connect to a ServerSocket via SSL I have no idea how I would go about establishing a secure connection.
Is it even possible?
You can accept a normal socket connection and upgrade it to SSL/TLS at a later stage, using
SSLSocketFactory.createSocket(Socket s, String host, int port, boolean autoClose)(andSSLSocket.setUseClientMode(false)on the server side).You’ll need to defined a command in your plaintext protocol so that both sides can agree about an upgrade taking place (similarly to
STARTTLScommands in SMTP or LDAP for example).Alternatively, you could use port unification (as it can be done with Grizzly), whereby you try to detect whether the client initiates the connection with an SSL/TLS Client Hello message. It can be trickier to do, since you’d have to read ahead to detect the packet type (so you’d probably need to keep that buffer and pass its content into an
SSLEngine, instead of being able to use theSSLSocketdirectly).