Using RMI with SSL
Many have asked how an RMI application can make remote invocations over secure SSL connections. Below are some questions and answers about using RMI with SSL.
Q1: Is it possible to use RMI with SSL?
A1: Yes, it is possible, due to RMI enhancements available in the Java 2 SDK, Standard Edition, v1.2 (Java 2 SDK).
Q2: How do I use RMI with SSL?
A2: The version of RMI included in the Java 2 SDK enables the RMI developer to use custom socket factories for RMI-based communication. An application can export a remote object to use an RMI socket factory that creates sockets of the desired type (for example, SSL sockets). Using this technique, an RMI application can use SSL socket communication instead of the default socket communication. For further details on using custom socket factories, see the tutorial: Using a Custom RMI Socket Factory.
Q3: Where can I find a pure Java programming language implementation of SSL?
A3: Java 2 SDK, v1.4 includes the Java Secure Socket Extension (JSSE) API which provides an implementation of SSL sockets. See the JSSE Reference Guide for more detailed information on the features and benefits of JSSE.
Q4: Where can I find an example using RMI with SSL?
A4: There is an RMI/SSL example bundled with the JSSE code examples. The RMI example illustrates how to use SSL-based connections for RMI calls to a remote object. This is achieved by exporting a remote object to use a custom RMI socket factory that creates SSL sockets.