There are two ways to achieve this.
The easiest Java protocol support and URL object.
But since I think you already understood that the new URL("https://www.google.com").openStream() gives you a clear text input stream, dealing with all the TLS / SSL materials for you, I will go on the "hard" way :)
Just before answering another question: import CA. CA certificates are located in your java house in any of the following locations: $JAVA_HOME/lib/security/cacerts (JRE) or $JAVA_HOME/jre/lib/security/cacerts (JDK; pay attention to "jre" immediately after the java house) for the default password is "changeit"
To list its contents, you can use the keytool command:
$ keytool -list -keystore cacerts -storepass changeit
To add a new certificate, simply use the -import subcommand instead of -list
So, now release the "hard" method (client code):
import javax.net.SocketFactory; import javax.net.ssl.SSLSocketFactory; ... String host = "www.google.com"; int port = 443; SocketFactory basicSocketFactory = SocketFactory.getDefault(); Socket s = basicSocketFactory.createSocket(host,port);
it is so simple.
If you need a server socket, the code is almost the same, you just need to exchange SocketFactory for ServerSocketFactory and SSLSocketFactory for SSLServerSocketFactory
hope this helps