When I tried to run the program there was an exception saying that there was no certificate found (I cannot remember exactly the exception).
I solved this by installing the certificate into the cacerts file and everything worked fine.
Note: This certificate is self-signed and is not validated by any CA.
However, the clients to whom this software will be distributed should not have to do this.
How can I create an SSL/TLS Java client without installing an untrusted certificate?
If some more clarification is needed, do not hesitate to ask.
If you have a self-signed certificate, any properly secure client is going to inform you before you attempt to connect to that server via SSL. It would be a major security vulnerability not to.
Many clients do have the ability to add a confirmation to accept the cert and proceed, which is done via a pop-up dialog and/or a command-line switch. The point is that the end user should be aware of, and consciously agree to, talking to a server whose authenticity and trustworthiness cannot be independently proven.
If that is not suitable, get a signed cert. You can get them free from Let's Encrypt, although those have to be renewed every 90 days - an expired cert also causes the client to question the user. There are additionally some fairly inexpensive cert authorities for longer-term certs, and if you want extra bells and whistles, the big-name certifiers add additional trustworthiness features that clients will often display as medallions next to the navigation control to assure users of the server's bona fides.
An IDE is no substitute for an Intelligent Developer.
posted 5 days ago
I just wanted to share with you my findings. Maybe someone will find this useful.
At the moment of writing this, I can say with 99% certainty that what I wanted in the first place IS possible. I implemented it, and on localhost (both the server and the client) everything works. The 1% left is because I still need to test my solution with Wireshark to see that the communication is actually SSL/TLS encrypted.
I will update once these tests are done.
First of all, big thanks to this article. It helped me achieve what I wanted, even though it is HTTPS-related. My client is a TCP client implementing a custom protocol.