Requirement for a TLS connection uses JAVA 8 to support as many projects as possible. Higher version numbers are of course also supported. TLS version 1.3 is unfortunately not supported in OpenJDK. However, we use Eclipse Temurin™ JAVA 8, which brings a backport for TLS 1.3.

Keystore and Truststore

To use TLS in version 1.3, we need a keystore and a truststore. Both are given to the VM.\work\serverkeystore.jks\work\clienttruststore.jks

To create the two files (for development purposes) we use the JAVA keytool. For production, one certainly uses purchased certificates.

// Create keystore with certificate
keytool -genkey -keypass password -storepass password -keyalg RSA -keystore serverkeystore.jks
// Export certificate (Creates a server.cer file)
keytool -export -storepass password -file server.cer -keystore serverkeystore.jks
// Create truststore
keytool -import -v -trustcacerts -file server.cer -keypass password -storepass password -keystore clienttruststore.jks

It is important here to use the RSA key algorithm to make TLS 1.3 work. - Innovative Distributed System