Best Practices for SSL Connections

The following best practices apply to local plug-ins when setting up SSL connections in Java.

  • Use TLS 1.2.
    For example:
    SSLContext sslContext.getInstance("TLSv1.2");
  • Create a dedicated SSL socket factory for each plug-in. Avoid the method HttpsURLConnection.setDefaultSSLSocketFactory(), which uses a static factory object that can lead to conflicts between plug-ins.
    For example, use the following method to create an SSL socket factory:
    SSLSocketFactor socketFactory = sslContext.getSocketFactory();

    For a more complete example, see the TrustedService class in the html-sample of the SDK.