RMI + SSL and client authentication
843811 Apr 26 2002 — edited Nov 8 2002
When a client connects to an RMI server, I need to authenticate the client. So do I need to load the keystore and truststore in the class that implements RMIClientSocketFactory?
For instance, I have written the following class. Can someone check if it is right:
public class RMISSLClientSocketFactory
implements RMIClientSocketFactory, Serializable {
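/**
 * Opens a TLS socket to {@code host:port} using an SSLContext built from a
 * local key store (the client's own certificate and private key) and a local
 * trust store (the certificates accepted for the server).
 *
 * <p>Loading a key store here only makes the client <em>able</em> to present a
 * certificate. The client is authenticated only if the server side demands
 * one, e.g. by calling {@code SSLServerSocket.setNeedClientAuth(true)} in the
 * matching RMIServerSocketFactory.
 *
 * <p>RMI ships a client socket factory to the caller inside the stub, so this
 * method runs in the client JVM and the relative paths below are resolved
 * against the client's working directory.
 *
 * <p>The alternative of {@code SSLSocketFactory.getDefault()} would use the
 * JVM-wide default context (configured through the {@code javax.net.ssl.*}
 * system properties) instead of the stores loaded here.
 *
 * @param host server host name
 * @param port server port
 * @return a connected socket created by the configured SSL socket factory
 * @throws IOException if a store cannot be read, the SSL context cannot be
 *         initialised, or the connection fails; the original cause is attached
 */
public Socket createSocket(String host, int port)
        throws IOException
{
    // NOTE(review): both store passwords are compiled into a class that is
    // handed to every client, so they protect nothing. Prefer reading them
    // from client-side configuration.
    char[] passphrase = "Keystore".toCharArray();
    char[] trust = "Truststore".toCharArray();

    SSLSocketFactory socketFactory;
    try {
        // JSSE is part of the platform since J2SE 1.4; this explicit
        // registration is only needed on older runtimes with the JSSE add-on.
        Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

        // Key manager: supplies the client certificate for client authentication.
        KeyStore ks = loadKeyStore("Keystores/Keystore", passphrase);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
        kmf.init(ks, passphrase);

        // Trust manager: decides which server certificates are accepted.
        KeyStore truststore = loadKeyStore("Keystores/Truststore", trust);
        TrustManagerFactory trustmanagerfactory = TrustManagerFactory.getInstance("SunX509");
        trustmanagerfactory.init(truststore);

        SSLContext ctx = SSLContext.getInstance("TLS");
        SecureRandom securerandom = SecureRandom.getInstance("SHA1PRNG");
        ctx.init(kmf.getKeyManagers(), trustmanagerfactory.getTrustManagers(), securerandom);
        socketFactory = ctx.getSocketFactory();
    } catch (java.security.GeneralSecurityException e) {
        // Previously the stack trace was printed and execution continued into
        // a NullPointerException on the unset factory. Fail with the real cause.
        IOException failure = new IOException("Cannot initialise SSL context: " + e);
        failure.initCause(e);
        throw failure;
    }

    // NOTE(review): a plain SSLSocket validates the certificate chain against
    // the trust store but does not compare the certificate with the host name.
    // Keep the trust store limited to the expected server/CA, or enable
    // endpoint identification through SSLParameters on Java 7+.
    return socketFactory.createSocket(host, port);
}

/**
 * Loads a JKS store from {@code path} and always closes the file afterwards.
 *
 * A load failure is reported to the caller as an IOException instead of
 * terminating the JVM, because a socket factory is library code.
 */
private static KeyStore loadKeyStore(String path, char[] password)
        throws IOException, java.security.GeneralSecurityException
{
    KeyStore store = KeyStore.getInstance("JKS");
    FileInputStream in = new FileInputStream(path);
    try {
        store.load(in, password);
    } catch (IOException e) {
        IOException failure = new IOException(
                "Cannot load key store " + path + ". Password may be wrong.");
        failure.initCause(e);
        throw failure;
    } finally {
        in.close();
    }
    return store;
}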