Get SSL Version used in HttpsURLConnection - Java


I am developing a Java agent to monitor HTTP communications happening in my application server. I would like to know the SSL version (SSLv3, TLS, etc.) used in outgoing HTTPS connections. Is there a way to get the SSL version by any means?


I used this solution, maybe it can help you:

First you need an extension class of SSLSocketFactory to attach a HandshakeCompletedListener to the sockets created by the SSLSocketFactory (inspired by "How to override the cipherlist sent to the server by Android when using HttpsURLConnection?"):

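import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class SecureSSLSocketFactory extends SSLSocketFactory {
    private final SSLSocketFactory delegate;
    private final HandshakeCompletedListener handshakeListener;

    public SecureSSLSocketFactory(
            SSLSocketFactory delegate, HandshakeCompletedListener handshakeListener) {
        this.delegate = delegate;
        this.handshakeListener = handshakeListener;
    }

    // Attach the listener (if one was supplied) to a socket created by the delegate.
    private Socket attach(Socket socket) {
        if (null != this.handshakeListener && socket instanceof SSLSocket) {
            ((SSLSocket) socket).addHandshakeCompletedListener(this.handshakeListener);
        }
        return socket;
    }

    @Override
    public Socket createSocket(Socket s, String host, int port, boolean autoClose)
            throws IOException {
        return attach(this.delegate.createSocket(s, host, port, autoClose));
    }

    // The other createSocket methods of SSLSocketFactory delegate in the same way.
    @Override
    public Socket createSocket(String host, int port) throws IOException {
        return attach(this.delegate.createSocket(host, port));
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort)
            throws IOException {
        return attach(this.delegate.createSocket(host, port, localHost, localPort));
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        return attach(this.delegate.createSocket(host, port));
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress,
            int localPort) throws IOException {
        return attach(this.delegate.createSocket(address, port, localAddress, localPort));
    }

    @Override
    public String[] getDefaultCipherSuites() {
        // TODO: or your own preferences
        return this.delegate.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        // TODO: or your own preferences
        return this.delegate.getSupportedCipherSuites();
    }
}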

Then you need an implementation of the HandshakeCompletedListener interface. You must implement the handshakeCompleted method:

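import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;

public class MyHandshakeCompletedListener implements HandshakeCompletedListener {
    @Override
    public void handshakeCompleted(HandshakeCompletedEvent event) {
        SSLSession session = event.getSession();
        String protocol = session.getProtocol();       // negotiated version, e.g. "TLSv1.2"
        String cipherSuite = session.getCipherSuite(); // negotiated cipher suite
        String peerName = null;

        try {
            peerName = session.getPeerPrincipal().getName();
        } catch (SSLPeerUnverifiedException e) {
            // Peer identity was not verified; peerName stays null.
        }
        // Record or log protocol, cipherSuite and peerName here.
    }
}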

In handshakeCompleted you can get the protocol version (maybe TLSv1.2) and, by the way, also the information on the cipher suite etc., which is also accessible via HttpsConnection. You can set the custom SSL socket factory via conn.setSSLSocketFactory before connect:

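import java.io.IOException;
import java.net.URL;
import java.security.GeneralSecurityException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;

private void setupAndConnect() throws IOException, GeneralSecurityException {
    URL url = new URL("https://host.dom/xyz");
    HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(/*keyManagers*/null, /*trustManagers*/null, /*new SecureRandom()*/null);    // simple here

    // Must be set before connect() so the handshake goes through the wrapping factory.
    conn.setSSLSocketFactory(new SecureSSLSocketFactory(sslContext.getSocketFactory(), new MyHandshakeCompletedListener()));

    // conn.set... /* set other parameters */
    conn.connect();
}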
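For the monitoring-agent case in the question, here is an added example (not part of the answer above) of a listener that tallies the negotiated protocol and cipher suite per peer and warns on legacy versions. The class name, the record and snapshot helpers and the sample values in main are hypothetical; it assumes Java 9+ for Set.of.

```java
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.LongAdder;
import java.util.logging.Logger;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLSession;

/** Hypothetical listener: counts handshakes per peer/protocol/cipher, flags legacy versions. */
public class ProtocolAuditListener implements HandshakeCompletedListener {
    private static final Logger LOG = Logger.getLogger(ProtocolAuditListener.class.getName());
    // JSSE names of versions deprecated by RFC 7568 (SSLv3) and RFC 8996 (TLS 1.0/1.1).
    private static final Set<String> LEGACY = Set.of("SSLv3", "TLSv1", "TLSv1.1");
    // Callbacks may arrive on different threads, so the tally is concurrent.
    private final Map<String, LongAdder> counts = new ConcurrentHashMap<>();

    static boolean isLegacy(String protocol) {
        return LEGACY.contains(protocol);
    }

    @Override
    public void handshakeCompleted(HandshakeCompletedEvent event) {
        SSLSession s = event.getSession();
        record(s.getPeerHost(), s.getPeerPort(), s.getProtocol(), s.getCipherSuite());
    }

    // Kept separate from the callback so it can be exercised without a live handshake.
    void record(String host, int port, String protocol, String cipherSuite) {
        String key = host + ":" + port + " " + protocol + " " + cipherSuite;
        counts.computeIfAbsent(key, k -> new LongAdder()).increment();
        if (isLegacy(protocol)) {
            LOG.warning("Legacy protocol negotiated: " + key);
        }
    }

    /** Sorted copy of the tally, suitable for periodic export by the agent. */
    public Map<String, Long> snapshot() {
        Map<String, Long> out = new TreeMap<>();
        counts.forEach((k, v) -> out.put(k, v.sum()));
        return out;
    }

    public static void main(String[] args) {
        ProtocolAuditListener l = new ProtocolAuditListener();
        // Constructed sample values, not captured traffic.
        l.record("host.dom", 443, "TLSv1.2", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
        l.record("host.dom", 443, "TLSv1.2", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
        l.record("legacy.example", 443, "TLSv1", "TLS_RSA_WITH_AES_128_CBC_SHA");
        l.snapshot().forEach((k, v) -> System.out.println(v + "x " + k));
    }
}
```

Pass an instance to SecureSSLSocketFactory in place of MyHandshakeCompletedListener to collect the tally from real connections.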