Listening setup
To listen for incoming connections, we must carry out
a similar set of steps:
- Create a SecureRandom, a source of
secure random numbers.
- Create a KeyStore object containing the remote client's
public key. This is read from client.public.
- Create a KeyStore object containing the server's
public/private key pair, including its public key certificate. This
is read from server.private.
- Create a TrustManagerFactory from the remote client's
KeyStore. This is used to authenticate the remote
client.
- Create a KeyManagerFactory from the server's
KeyStore. This is used for encrypting and decrypting
data.
- Create an SSLContext object, using the
KeyManagerFactory, the TrustManagerFactory,
and the SecureRandom.
- Use the SSLContext to create an
SSLServerSocketFactory.
- Use the SSLServerSocketFactory to create an
SSLServerSocket, which
acts just like a regular ServerSocket, except that it is
secure.
- Call the accept() method of the
SSLServerSocket to wait for an incoming connection.
It's all pretty complicated, but the process is the same each
time, so it makes sense to follow along and see how it all works.
In the panels that follow, we'll walk through the code that carries out these
steps. We'll examine only the client-side process in detail, because
the server-side process is nearly the same. Afterwards, we'll note
the differences between the two sides.
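The listening steps above, gathered into one method. This is an added example, not the tutorial's own code. It assumes Java 9 or later (for `KeyStore.getInstance(File, char[])`), a constructed port number of 8443, keystore passwords supplied in the hypothetical environment variables `TRUST_PASS` and `KEY_PASS`, and a private-key password equal to the keystore password. It also calls `setNeedClientAuth(true)`, which is not in the step list: without it the server never requests a client certificate.

```java
import java.io.File;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

public class ListenSetup {
    // Builds the listening socket from the two keystore files named in the steps.
    static SSLServerSocket listen(int port, char[] trustPass, char[] keyPass) throws Exception {
        SecureRandom random = new SecureRandom();

        // client.public holds the remote client's public key (whom we trust).
        KeyStore clientKeys = KeyStore.getInstance(new File("client.public"), trustPass);
        // server.private holds the server's key pair and certificate (who we are).
        KeyStore serverKeys = KeyStore.getInstance(new File("server.private"), keyPass);

        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(clientKeys);
        KeyManagerFactory kmf =
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(serverKeys, keyPass); // assumption: key password == keystore password

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), random);

        SSLServerSocketFactory factory = ctx.getServerSocketFactory();
        SSLServerSocket server = (SSLServerSocket) factory.createServerSocket(port);
        // Require a client certificate; otherwise the trust managers built from
        // client.public are never asked to validate the peer.
        server.setNeedClientAuth(true);
        return server;
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical variable names; passwords are kept off the command line.
        char[] trustPass = System.getenv("TRUST_PASS").toCharArray();
        char[] keyPass = System.getenv("KEY_PASS").toCharArray();
        try (SSLServerSocket server = listen(8443, trustPass, keyPass);
             SSLSocket peer = (SSLSocket) server.accept()) {
            peer.startHandshake(); // throws SSLHandshakeException for an untrusted client
            System.out.println("Authenticated peer: " + peer.getSession().getPeerPrincipal());
        }
    }
}
```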