Java two-way SSL without a "server"

Question

I have been looking for an example of a mutual auth SSL in java where there is no "server" as in weblogic / glassfish / tomcat / etc. - is there such a thing?

also no external libraries please, I am hoping to get by with just the following:

import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

Answer 1

You can use something like this (NOTE this is from a tutorial school project i did and its not complete)

Client

    //load client private key
    KeyStore clientKeys = KeyStore.getInstance("JKS");
    clientKeys.load(new FileInputStream("proxyKeystore"),"password".toCharArray());
    KeyManagerFactory clientKeyManager = KeyManagerFactory.getInstance("SunX509");
    clientKeyManager.init(clientKeys,"password".toCharArray());
    //load server public key
    KeyStore serverPub = KeyStore.getInstance("JKS");
    serverPub.load(new FileInputStream("proxyTrustedStore"),"password".toCharArray());
    TrustManagerFactory trustManager = TrustManagerFactory.getInstance("SunX509");
    trustManager.init(serverPub);

  //use keys to create SSLSoket
  SSLContext ssl = SSLContext.getInstance("TLS");
  ssl.init(clientKeyManager.getKeyManagers(), trustManager.getTrustManagers(), SecureRandom.getInstance("SHA1PRNG"));
  socket = (SSLSocket)ssl.getSocketFactory().createSocket("localhost", 8889);


  socket.startHandshake();

Server:

KeyStore serverKeys = KeyStore.getInstance("JKS");
            serverKeys.load(new FileInputStream("authKeystore"),"password".toCharArray());
            KeyManagerFactory serverKeyManager = KeyManagerFactory.getInstance("SunX509");
            serverKeyManager.init(serverKeys,"password".toCharArray());


            KeyStore clientPub = KeyStore.getInstance("JKS");
            clientPub.load(new FileInputStream("authTrustedStore"),"password".toCharArray());
            TrustManagerFactory trustManager = TrustManagerFactory.getInstance("SunX509");
            trustManager.init(clientPub);

          //use keys to create SSLSoket
          SSLContext ssl = SSLContext.getInstance("TLS");
          ssl.init(serverKeyManager.getKeyManagers(), trustManager.getTrustManagers(), SecureRandom.getInstance("SHA1PRNG"));
          serverSock = (SSLServerSocket)ssl.getServerSocketFactory().createServerSocket(8889);
          serverSock.setNeedClientAuth(true);
          socket = (SSLSocket)serverSock.accept();

Before you start the handshake and/or accept the serverSocket connection, you can request certificate from server and or client.