ssl

Configures inbound or outbound SSL connections.

Can be used in

serviceProxy or soapProxy (inbound), target (outbound)

Syntax

				<ssl 
						[algorithm="..."] 
						[protocol="..."] 
						[ciphers="..."] 
						[clientAuth="..."]>
					<keystore   
							location="..." [password="..."] 
							[type="..."] [provider="..."] 
							[keyPassword="..."] [keyAlias="..."] >?
					<truststore 
							location="..." [password="..."] 
							[type="..."] [provider="..."] 
							[algorithm="..."] >?
				</ssl>

Listing 1: ssl Syntax

Inbound Sample

This example is taken from examples/ssl-server. It demonstrates how to configure inbound SSL.

				<serviceProxy port="443">
					<ssl>
						<keystore 
								location="../../conf/membrane.jks" 
								password="secret" keyPassword="secret" />
						<truststore 
								location="../../conf/membrane.jks" password="secret" />
					</ssl>
					<wsdlRewriter protocol="https" />
					<target host="thomas-bayer.com" />
				</serviceProxy>

Listing 23: Inbound ssl Example

Outbound Sample

This example is taken from examples/ssl-client. It demonstrates how to configure outbound SSL.

				<serviceProxy port="8080">
					<path>/svn</path>
					<target host="predic8.com" port="443">
						<ssl />
					</target>
				</serviceProxy>

Listing 23: Outbound ssl Example

Attributes

Name	Mandatory	Default	Description	Example
algorithm	No	java default	getDefaultAlgorithm()	SunX509
protocol	No	TLS	SSLContext.getInstance()	TLS
ciphers	No	all system default ciphers	Space separated list of ciphers to allow. getSupportedCipherSuites()	TLS_ECDH_anon_WITH_RC4_128_SHA
clientAuth	No	not set	Either not set (=no), or `want` or `need`.	`need`

Child Elements

Name	Cardinality	Description
keystore	0..1	Defines the keystore.
truststore	0..1	Defines the truststore.

More information

For more information, especially the context and definition of the terminology, see the Java Secure Socket Extension (JSSE) reference guide.