Nov 012005

I received a question about NIO and SSL via email today. Here is that message and my reply:

Hello Brian,

That was an excellent article.

I was wondering if you came across the challenge of handling ssl sockets using channels and selectors in nio.

If yes, Did you solve it and if yes how?

Yeah, JDK 1.4 does not have support for SSL with NIO and I spent a while trying to determine if it was possible to get working. Turns out it is not possible (as far as I could tell) because of the handshake required for SSL/TLS during socket creation and connection. Using JDK 1.5, NIO has full support for SSL/TLS. You’ll have to upgrade to JDK 1.5 if you need to use SSL/TLS.

However, if you are unable to upgrade to JDK 1.5, there are other solutions available to you. You can use apache as an SSL filter that can accept inbound SSL connections as well as handle outbound SSL connections while allowing internal traffic to be unsecure regardless of direction. Another solution is stunnel can be used to provide the SSL security for either direction. Both of these solutions require configuration and management outside of Java, but will work for situations where updating to JDK 1.5 is not an option.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">



This site uses Akismet to reduce spam. Learn how your comment data is processed.