I wrote a pair of code (server/client) to see how SSL on Java can be implemented.

In this sample, only the server certificate is used. The client validates the server certificate, but the server doesn't care the client's authenticity. That is OK because the most web server behave like that.

Client side of the code - SSLClient.java

import java.io.*;
import java.security.KeyStore;