Upgrade Java socket to encrypted after issue starttls

Asked 8/12, 2011 at 4:3 Answered 16/9, 2014 at 11:30

I want my app to talk to the server without encryption before issuing a STARTTLS and then upgrade the socket to be encrypted after that. Can I connect to a port (E.g., 5222) and use STARTTLS to request TLS using java? If so, which Socket object should I use for that?

Bregma answered 8/12, 2011 at 4:3 Comment(0)

Sure you can. Use your SSLSocketFactory to create a socket wrapping an existing regular java.net.Socket:

    SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(
        socket,
        socket.getInetAddress().getHostAddress(),
        socket.getPort(),
        true);

Wash answered 3/1, 2013 at 16:29 Comment(0)

@Jan's answer was helpful (and I voted for it), but I had to tweak it a bit to get it working for me:

SSLSocket sslSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(
                       socket, 
                       socket.getInetAddress().getHostAddress(), 
                       socket.getPort(), 
                       true);
InputStream inputStream = sslSocket.getInputStream();
OutputStream outputStream = sslSocket.getOutputStream();
// reads from the socket
Scanner scanner = new Scanner(inputStream);
// writes to the socket
OutputStream outputStream = new BufferedOutputStream(outputStream);

Tested with Java 7 and GMail (smtp.gmail.com) on port 587.

Toxicogenic answered 18/1, 2013 at 16:46 Comment(0)

Here's a possible improvement: If your code is for server side instead of client side, add this, and it will work fine:

sslsocket.setUseClientMode(false); 
sslsocket.startHandshake();

Riane answered 16/9, 2014 at 11:30 Comment(0)

Recommended topics

Hot tags