+49 228 5552576-0


info@predic8.com

ssl

Description

Configures inbound or outbound SSL connections.

Can be used in

spring:beans, etcdBasedConfigurator, github, google, membrane, registration, serviceProxy, soapProxy, stompClient, stompProxy, swaggerProxy and target

Syntax

				<ssl 
						[algorithm="..."] 
						[protocol="..."] 
						[ciphers="..."] 
						[clientAuth="..."]>
					<keystore   
							location="..." [password="..."] 
							[type="..."] [provider="..."] 
							[keyPassword="..."] [keyAlias="..."] >?
					<truststore 
							location="..." [password="..."] 
							[type="..."] [provider="..."] 
							[algorithm="..."] >?
				</ssl>
			
Listing 1: ssl Syntax

Sample

Inbound Sample

This example is taken from examples/ssl-server. It demonstrates how to configure inbound SSL.

				<serviceProxy port="443">
					<ssl>
						<keystore 
								location="../../conf/membrane.jks" 
								password="secret" keyPassword="secret" />
						<truststore 
								location="../../conf/membrane.jks" password="secret" />
					</ssl>
					<wsdlRewriter protocol="https" />
					<target host="thomas-bayer.com" />
				</serviceProxy>
			
Listing 23: Inbound ssl Example

Outbound Sample

This example is taken from examples/ssl-client. It demonstrates how to configure outbound SSL.

				<serviceProxy port="8080">
					<path>/svn</path>
					<target host="predic8.com" port="443">
						<ssl />
					</target>
				</serviceProxy>
			
Listing 23: Outbound ssl Example

Attributes

Name Required Default Description Example
algorithm false java default getDefaultAlgorithm() SunX509
ciphers false all system default ciphers Space separated list of ciphers to allow. getSupportedCipherSuites() TLS_ECDH_anon_WITH_RC4_128_SHA
clientAuth false not set Either not set (=no), or want or need. need
endpointIdentificationAlgorithm false HTTPS See setEndpointIdentificationAlgorithm().
ignoreTimestampCheckFailure false -
protocol false TLS SSLContext.getInstance()
protocols false TLS* SSLSocket.setEnabledProtocols()

Child Elements

Position Cardinality Description Element
1 0..1 keystore
2 0..1 Used to manually compose the keystore. key
3 0..1 truststore
4 0..1 Used to manually compose the truststore. trust

More information

For more information, especially the context and definition of the terminology, see the Java Secure Socket Extension (JSSE) reference guide.

Copyright © 2008-2015 predic8 GmbH
Moltkestr. 40, 53173 Bonn, Tel. +49 (228) 555 25 76-0