How to create a secured TCP connection via TLS v.1.2 in Java
I want to create commnicate between two systems via TLS v1.2. The information it contains is confidential. I want to avoid an https web service call and diectly want to perform message exchange at the TCP layer.
Can you suggest how to implement this where I can securely transfer data via TLS v1.2.
EDIT:
I have written the following code after reading the below answers
SSLServer
System.setProperty("javax.net.ssl.keyStore", "/home/user/.keystore");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
ServerSocket ss = ssf.createServerSocket(8362);
while (true) {
System.out.println("awaiting to accept..");
Socket s = ss.accept();
SSLSession session = ((SSLSocket) s).getSession();
Certificate[] cchain2 = session.getLocalCertificates();
for (int i = 0; i < cchain2.length; i++) {
System.out.println(((X509Certificate) cchain2[i]).getSubjectDN());
}
System.out.println("Peer host is " + session.getPeerHost());
System.out.println("Cipher is " + session.getCipherSuite());
System.out.println("Protocol is " + session.getProtocol());
System.out.println("ID is " + new BigInteger(session.getId()));
System.out.println("Session created in " + session.getCreationTime());
System.out.println("Session accessed in " + session.getLastAccessedTime());
PrintStream out = new PrintStream(s.getOutputStream());
/*BufferedReader in = new BufferedReader(new InputStreamReader(
s.getInputStream()));*/
boolean isChatOver = false;
System.out.println("\n\n*******************Type Below********************");
System.out.println("To End Chat Type 'Bye'!");
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
while(!isChatOver) {
String nextChat = br.readLine();
out.println(nextChat);
if("bye".equalsIgnoreCase(nextChat.trim())) {
isChatOver = true;
}
}
out.close();
s.close();
}
SSLClient
System.setProperty("javax.net.ssl.trustStore", "/home/user/.truststore");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
Socket s = ssf.createSocket("127.0.0.1", 8362);
SSLSession session = ((SSLSocket) s).getSession();
Certificate[] cchain = session.getPeerCertificates();
System.out.println("The Certificates used by peer");
for (int i = 0; i < cchain.length; i++) {
System.out.println(((X509Certificate) cchain[i]).getSubjectDN());
}
System.out.println("Peer host is " + session.getPeerHost());
System.out.println("Cipher is " + session.getCipherSuite());
System.out.println("Protocol is " + session.getProtocol());
System.out.println("ID is " + new BigInteger(session.getId()));
System.out.println("Session created in " + session.getCreationTime());
System.out.println("Session accessed in "
+ session.getLastAccessedTime());
BufferedReader in = new BufferedReader(new InputStreamReader(
s.getInputStream()));
boolean isChatOver = false;
while(!isChatOver) {
if(in.ready()) {
Thread.sleep(5000);
}
String nextChat = in.readLine();
System.out.println("server says : " + nextChat);
if("bye".equalsIgnoreCase(nextChat.trim())) {
System.out.println("**************************************Closing Session.*********************************************");
isChatOver = true;
}
}
in.close();
In the above code, is my code directly passing message to TCP Layer after encryption using TLS 1.2 ? I hope it does not call an https internally because I want to avoid application layer at all cost.
Kindly let me know in case of any queries in the question.
Thanks cheers :))