NIO with SSL

I received a question about NIO and SSL via email today. Here is that message and my reply:

Hello Brian,

That was an excellent article.

I was wondering if you came across the challenge of handling ssl sockets using channels and selectors in nio.

If yes, Did you solve it and if yes how?

Yeah, JDK 1.4 does not have support for SSL with NIO and I spent a while trying to determine if it was possible to get working. Turns out it is not possible (as far as I could tell) because of the handshake required for SSL/TLS during socket creation and connection. Using JDK 1.5, NIO has full support for SSL/TLS. You’ll have to upgrade to JDK 1.5 if you need to use SSL/TLS.

However, if you are unable to upgrade to JDK 1.5, there are other solutions available to you. You can use apache as an SSL filter that can accept inbound SSL connections as well as handle outbound SSL connections while allowing internal traffic to be unsecure regardless of direction. Another solution is stunnel can be used to provide the SSL security for either direction. Both of these solutions require configuration and management outside of Java, but will work for situations where updating to JDK 1.5 is not an option.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s