This section describes using SSL from applications, specifically creating SSL connections to servers and creating SSL sockets from incoming connections.
Creating SSL connections to servers
The default platform configuration for SSL for creating connections to servers is handled as described in the following section:
Applications that need to create their own SSL connections to a server can use the same platform configuration.
Applications need only to create a URL specifying HTTPS as the wanted protocol, and the appropriate HttpsUrlConnection object is created. Applications either rely on the default configuration or configure the security information about a per-instance basis. Changing the default configuration might have adverse effects on other applications running in the platform and on the connection capabilities of the components provided with the platform.
Creating SSL sockets for incoming connections
The default SSLServerSocketFactory that provides SSLServerSockets is based on the settings provided in the java.security file for the platform. Refer to the articles listed in Configuring platform security
for more information on when and how to update this file. Applications rely on the default configuration.
Applications attempting to open SSLServerSockets for their own usage must be aware that the Web Container component of the platform can also attempt to open SSL Server Sockets. Changing the default configuration might have adverse effects on other components provided with the platform.
Parent topic: Configuring platform security