Creating SSL sockets in Java using out-of-the-box APIs isn’t good enough

Lately, I have had to work on a Java solution that involved locking down SSL. What do I mean by this? Quite simply, the list of default ciphers provided to Java’s SSLSocket/SSLServerSocket includes some really crazy choices. A few are low grade ciphers (40 bit and 56 bit), and some even have no encryption. Essentially, […]