Easiest way to do SSLSocketServer (certificate generation at runtime)

I want a simple way to create a SSLServerSocket. I would like for a self-signed certificate to be generated and used at runtime because the data needs to be protected, but it isn't super important that it is very, very secure.

I found tutorials on making an SSLServerSock开发者_开发百科et but they assume that you had a proper certificate.

Psuedo-code, code examples and a simple paragraph are all acceptable answers.

The easiest way to do it may be invoking an external program. openssl is a great tool for many encryption things... Make a self signed cert with:

openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -keyout www.example.com.pem  -out www.example.com.pem

You could run such generation with Runtime.exec() or using a ProcessBuilder.

Normally self-signed certificate has no sense at all if it's generated on each run of the server. It's better to create a self-signed certificate once (during server setup, for example) and that's all.

There's a good description and discussion of self-signed certificates for securing communication in this StackOverflow topic. Please read it as well, as it addresses your question too.