You are viewing the documentation for the 2.5.18 release in the 2.5.x series of releases. The latest stable release series is 3.0.x.

§Configuring WS SSL

Play WS allows you to set up HTTPS completely from a configuration file, without the need to write code. It does this by layering the Java Secure Socket Extension (JSSE) with a configuration layer and with reasonable defaults.

JDK 1.8 contains an implementation of JSSE which is significantly more advanced than previous versions, and should be used if security is a priority.

NOTE: It is highly recommended (if not required) to use WS SSL with the
unlimited strength java cryptography extension. You can download the policy files from Oracle’s website at Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download.

§Table of Contents

Quick Start to WS SSL
Generating X.509 Certificates
Configuring Trust Stores and Key Stores
Configuring Protocols
Configuring Cipher Suites
Configuring Certificate Validation
Configuring Certificate Revocation
Configuring Hostname Verification
Example Configurations
Using the Default SSLContext
Debugging SSL Connections
Loose Options
Testing SSL

§Further Reading

JSSE is a complex product. For convenience, the JSSE materials are provided here:

JDK 1.8:

JSSE Reference Guide
JSSE Crypto Spec
SunJSSE Providers
PKI Programmer’s Guide
keytool

Next: Quick Start to WS SSL