I would like to implement tls protocol on my server and client. My question is simple: the class SSLSocket use either the TLS protocol or is it the same thing?
I haven't implemented it in my code yet, but I'm excited about the possibility.
My question is simple: the class SSLSocket use either the TLS protocol or is it the same thing?
The short answer is Yes.
The standard SSLSocket class supports both SSL and TLS. Quoting from the first line of the javadoc:
"This class extends Sockets and provides secure socket using protocols such as the "Secure Sockets Layer" (SSL) or IETF "Transport Layer Security" (TLS) protocols."
However this need to be qualified in that the actual protocols and versions that are allowed depend on defaults and settings that change over time. For example, recent Java releases will (by default) reject SSLv2, SSLv3, TLSv1, and TLSv1.1.
Finally, you should avoid using any of the disabled versions (or related disabled features) if possible as they have known security weaknesses and in some cases are vulnerable to compromise.