Best Practices for SSL Connections
The following best practices apply to local plug-ins when setting up SSL connections in Java.
- Use TLS 1.2.For example:
SSLContext sslContext.getInstance("TLSv1.2");
- Create a dedicated SSL socket factory
for each plug-in. Avoid the method
HttpsURLConnection.setDefaultSSLSocketFactory()
, which uses a static factory object that can lead to conflicts between plug-ins.For example, use the following method to create an SSL socket factory:SSLSocketFactor socketFactory = sslContext.getSocketFactory();
For a more complete example, see the
TrustedService
class in the html-sample of the SDK.