ssl
Configures inbound or outbound SSL connections.
Can be used in
serviceProxy or soapProxy (inbound), target (outbound)
Syntax
<ssl [algorithm="..."] [protocol="..."] [ciphers="..."] [clientAuth="..."]> <keystore location="..." [password="..."] [type="..."] [provider="..."] [keyPassword="..."] [keyAlias="..."] >? <truststore location="..." [password="..."] [type="..."] [provider="..."] [algorithm="..."] >? </ssl>
Listing 1: ssl Syntax
Inbound Sample
This example is taken from examples/ssl-server. It demonstrates how to configure inbound SSL.
<serviceProxy port="443"> <ssl> <keystore location="../../conf/membrane.jks" password="secret" keyPassword="secret" /> <truststore location="../../conf/membrane.jks" password="secret" /> </ssl> <wsdlRewriter protocol="https" /> <target host="thomas-bayer.com" /> </serviceProxy>
Listing 23: Inbound ssl Example
Outbound Sample
This example is taken from examples/ssl-client. It demonstrates how to configure outbound SSL.
<serviceProxy port="8080"> <path>/svn</path> <target host="predic8.com" port="443"> <ssl /> </target> </serviceProxy>
Listing 23: Outbound ssl Example
Attributes
Name | Mandatory | Default | Description | Example |
---|---|---|---|---|
algorithm | No | java default | getDefaultAlgorithm() | SunX509 |
protocol | No | TLS | SSLContext.getInstance() | TLS |
ciphers | No | all system default ciphers | Space separated list of ciphers to allow. getSupportedCipherSuites() | TLS_ECDH_anon_WITH_RC4_128_SHA |
clientAuth | No | not set | Either not set (=no), or want or need. | need |
Child Elements
Name | Cardinality | Description |
---|---|---|
keystore | 0..1 | Defines the keystore. |
truststore | 0..1 | Defines the truststore. |
More information
For more information, especially the context and definition of the terminology, see the Java Secure Socket Extension (JSSE) reference guide.