How to create an SSL server program to run like a command?

In order to create an SSL server program, you need to do the following:

1. Load the keystore file that contains the server certificate. Remember to specify the keystore password as shown below:

      KeyStore ks = KeyStore.getInstance("JKS");
      ks.load(new FileInputStream("server.jks"), "fyicenter".toCharArray());

2. Create an KeyManagerFactory instance and initialize it with the keystore. Remember to specify the private key password of the server certificate as shown below:

      KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
      kmf.init(ks, "fyicenter".toCharArray());

3. Create an SSLContext instance and initialize it with Key Managers:

      SSLContext ctx = SSLContext.getInstance("TLS");
      ctx.init(kmf.getKeyManagers(), null, null);

4. Create an SSLServerSocket instance and set it to listen mode to accept incoming client requests:

      SSLServerSocketFactory ssf = ctx.getServerSocketFactory();
      SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket(port);
      SSLSocket socket = (SSLSocket) ss.accept();

Here is the entire sample program code that takes a simple request and returns a simple reponse using SSL Server Socket:

// Copyright (c) FYIcenter.com
import java.net.*;
import java.io.*;
import javax.net.ssl.*;
import java.security.KeyStore;

public class SslServerCmd {
   public static void main(String[] args) throws Exception {
      int port = 8080;
      String clientAuth = "No";
      System.out.println("USAGE: java SslServerCmd [port [clientAuth]]");
      if (args.length >= 1) port = Integer.parseInt(args[0]);
      if (args.length >= 2) clientAuth = args[1];
      
      KeyStore ks = KeyStore.getInstance("JKS");
      ks.load(new FileInputStream("server.jks"), "fyicenter".toCharArray());

      KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
      kmf.init(ks, "fyicenter".toCharArray());

      SSLContext ctx = SSLContext.getInstance("TLS");
      ctx.init(kmf.getKeyManagers(), null, null);

      SSLServerSocketFactory ssf = ctx.getServerSocketFactory();
      SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket(port);
      if (clientAuth.equals("Yes")) ss.setNeedClientAuth(true);

      System.out.println("Listening: port="+port+", clientAuth="+clientAuth);
      SSLSocket socket = (SSLSocket) ss.accept();

      BufferedReader in = new BufferedReader(new InputStreamReader(
         socket.getInputStream()));
      String line = in.readLine();
    while (line.length()>0) {
       System.out.println(line);
         line = in.readLine();
    }
    
      PrintWriter out = new PrintWriter(new BufferedWriter(
         new OutputStreamWriter(socket.getOutputStream())));
      out.println("HTTP/1.0 200 OK");
      out.println("Content-Type: text/html");
      out.println("Content-Length: 40"); // including \r\n
      out.println();
      out.println("<html><body>Hello there!</body></html>");
      out.flush();

      out.close();
      in.close();
      socket.close();
   }
}

You can compile and run the above example in a command window. Make sure the keystore file, server.jks, created in the previous tutorial is available.

\fyicenter>\local\jdk-1.8.0\bin\javac SslServerCmd.java

\fyicenter>\local\jdk-1.8.0\bin\java SslServerCmd
USAGE: java SslServerCmd [port [clientAuth]]
Listening: port=8080, clientAuth=No

The SSL server is ready to any client to make a connection.

⇒ Connect to SSL Server Failed with Invalid Certificate

⇐ Create SSL Server Certificate with "keytool"

⇑ Examples for jsse.jar - Java Secure Socket Extension

⇑⇑ FAQ for jsse.jar - Java Secure Socket Extension