...
The TLSClientParameters are listed here and here.
trustAllCertificates
: SSL X509 certificate verification deactivation
...
Attribute | Default | Since | Description |
---|---|---|---|
|
|
| Certificate Constraints specification. |
|
|
| CipherSuites that will be supported. |
|
|
| filters of the supported CipherSuites that will be supported and used if available. |
| | 2.0.5 | Indicates whether that the hostname given in the HTTPS URL will be checked against the service's Common Name (CN) given in its certificate during SOAP client requests, and failing if there is a mismatch. If set to |
...
use a |
...
URL such as |
...
Wiki Markup |
---|
Note : {{trustAllCertificates}} is a parameterized boolean, you can use a fixed variable {{true}}|{{false}} as well as a [Spring externalized property|http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/beans.html#beans-factory-placeholderconfigurer] variable (e.g. {{${trust-all-certificates\}}}) or a [Spring expression|http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/expressions.html#expressions-beandef] (e.g. {{#{systemProperties\['dev-mode'\]\}}}). |
...
...
<http-conf:conduit name="{http://example.com/}HelloWorldServicePort.http-conduit">
<!-- trust all certificates (self-signed certificate, etc) -->
<!-- WARNING ! trustAllCertificates=true should NOT be used in production -->
<http-conf:tlsClientParameters trustAllCertificates="true" />
...
</http-conf:conduit>
...
disableCNcheck
: SSL hostname verification
...
|
|
| JSSE provider name. |
|
|
| KeyManagers specification. |
|
|
| SecureRandom specification. |
|
|
| Protocol Name. Most common example are "SSL", "TLS" or "TLSv1". |
|
|
| TrustManagers specification. |
| | 2.2.7 | specifies if HttpsURLConnection.getDefaultSSLSocketFactory() should be used to create https connections. If ' |
| | 2.2.7 | This attribute specifies if HttpsURLConnection.getDefaultHostnameVerifier() should be used to create https connections. If ' |
Wiki Markup |
---|
Note : {{disableCNcheck}} is a parameterized boolean, you can use a fixed variable {{true}}\|{{false}} as well as a [Spring externalized property|http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/beans.html#beans-factory-placeholderconfigurer] variable (e.g. {{${disable-https-hostname-verification\}}}) or a [Spring expression|http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/expressions.html#expressions-beandef] (e.g. {{#{systemProperties\['dev-mode'\]\}}}). |
Sample :
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
... <http-conf:conduit name="{http://example.com/}HelloWorldServicePort.http-conduit"> <!-- deactivate HTTPS url hostname verification (localhost, etc) --> <!-- WARNING ! disableCNcheck=true should NOT be used in production --> <http-conf:tlsClientParameters disableCNcheck="true" /> ... </http-conf:conduit> ... |
...