Java SSLSocket TLS 1.3 example

This Java 11 JEP 332 adds support for TLS 1.3 protocol.

SSLSocket + TLS 1.3

An SSLSocket client with TLS1.3 protocol and TLS_AES_128_GCM_SHA256 stream cipher, to send a request to https://google.com and print the response.

JavaTLS13.java

package com.favtuts.java11;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;

import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class JavaTLS13 {

    private static final String[] protocols = new String[]{"TLSv1.3"};
    private static final String[] cipher_suites = new String[]{"TLS_AES_128_GCM_SHA256"};

    public static void main(String[] args) throws Exception {
        
        SSLSocket socket = null;
        PrintWriter out = null;
        BufferedReader in = null;

        try {
            SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            socket = (SSLSocket) factory.createSocket("google.com", 443);
            socket.setEnabledProtocols(protocols);
            socket.setEnabledCipherSuites(cipher_suites);
            socket.startHandshake();
            out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())));

            out.println("GET / HTTP/1.0");
            out.println();
            out.flush();

            if (out.checkError())
                System.out.println("SSLSocketClient: java.io.PrintWriter error");
            
            /* read response */
            in = new BufferedReader(new InputStreamReader(socket.getInputStream()));

            String inputLine;
            while((inputLine = in.readLine()) != null) 
                System.out.println(inputLine);
                        
        } catch (Exception e) {
           e.printStackTrace();
        } finally {
            if (socket != null)
                socket.close();
            
            if (out != null) 
                out.close();
            
            if (in != null)
                in.close();
        }
    }
    
}

Output

HTTP/1.0 200 OK
Date: Thu, 12 May 2022 04:24:11 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2022-05-12-04; expires=Sat, 11-Jun-2022 04:24:11 GMT; path=/; domain=.google.com; Secure
Set-Cookie: AEC=AakniGNlBOzPD9NzrWF5XYIT64boPeNzYXS8uwK4MaVayY9CCm3SFDOv0Rw; expires=Tue, 08-Nov-2022 04:24:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=511=P63yJACaUF6q4ggGttrDEmgu0odpsqi9QZHYBjupn-PVyTDoZPRFTPvKv0y-qfnCgnf32ZnoJUuKlNvooqPe5Z3tFtWMAQYjd_r5K5I1ca807fm4hUhGRhlBRZwYqEhEt0iiMgOyB-Rci22wjRqBD1vgbVFhw6Jc1DsklO-UWKg; expires=Fri, 11-Nov-2022 04:24:11 GMT; path=/; domain=.google.com; HttpOnly
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding

<!doctype html><html><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type">

The above source code is a copy from this Oracle – Running SSLSocketClient article, with minor modifications to support TLS 1.3.

Download Source Code

$ git clone https://github.com/favtuts/java-core-tutorials-examples

$ cd java-misc/java11

References

• Oracle -Secure Socket Connection Between a Client and a Server
• JEP 332
• RFC 8446