Using Java RMI with SSL
Many have asked how a Java Remote Method Invocation (Java
RMI) application can make remote invocations over secure SSL
connections. Below are some questions and answers about using Java
RMI with SSL.
Q1: Is it possible to use Java RMI with SSL?
- A1: Yes, it is possible, with the use of custom socket
factories. An application can export a remote object to use custom
socket factories that create sockets of a desired type (for
example, SSL sockets). Using this technique, an application can use
SSL socket communication instead of the default socket
communication. For further details on using custom socket
factories, see the tutorial: Using Custom
Socket Factories with Java RMI.
Q2: Where can I find a pure Java programming language
implementation of SSL?
- A2: The JDK includes the Java Secure Socket Extension (JSSE)
API which provides an implementation of SSL sockets. See the
JSSE Reference
Guide for more detailed information on the features and
benefits of JSSE.
Q3: Where can I find an example using Java RMI with SSL?
- A3: There is an example bundled with the JSSE code examples
that illustrates how to use SSL-based connections for calls to a
remote object. This is achieved by exporting a remote object to use
custom socket factories that create SSL sockets. The JDK provides some standard SSL-based custom
socket factory classes; see the
javax.rmi.ssl
package for more details.