...
Attribute | Default | Description |
---|---|---|
| JVM default Key Managers | Key Managers to hold X509 certificates. |
| JVM default Trust Managers | TrustManagers to validate peer X509 certificates. |
| JVM default provider associated with protocol | JSSE provider name. |
| JVM default cipher suites | CipherSuites that will be supported. |
|
| filters of the supported CipherSuites that will be supported and used if available. |
|
| Certificate Constraints specification. |
| JVM default Secure Random | SecureRandom specification. |
| "TLS" | Protocol Name. Most common example are "SSL", "TLS" or "TLSv1". |
|
| Cert alias to use. Useful when keystore has multiple certs. |
...
Attribute | Default | Description |
---|---|---|
| | Indicates whether that the hostname given in the HTTPS URL will be checked against the service's Common Name (CN) given in its certificate during requests, and failing if there is a mismatch. If set to |
|
| A SSLSocketFactory to use. All other bean properties are ignored if this is set. |
| 86400 seconds (24 hours) | SSL Cache Timeout in seconds. |
| | This attribute specifies if HttpsURLConnection.getDefaultSSLSocketFactory() should be used to create https connections. If ' |
| | This attribute specifies if HttpsURLConnection.getDefaultHostnameVerifier() should be used to create https connections. If ' |
Wiki Markup |
---|
Note : {{disableCNcheckdisableCNCheck}} is a parameterized boolean, you can use a fixed variable {{true}}\|{{false}} as well as a [Spring externalized property|http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/beans.html#beans-factory-placeholderconfigurer] variable (e.g. {{${disable-https-hostname-verification\}}}) or a [Spring expression|http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/expressions.html#expressions-beandef] (e.g. {{#{systemProperties\['dev-mode'\]\}}}). |
...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
... <http-conf:conduit name="{http://example.com/}HelloWorldServicePort.http-conduit"> <!-- deactivate HTTPS url hostname verification (localhost, etc) --> <!-- WARNING ! disableCNcheck=true should NOT be used in production --> <http-conf:tlsClientParameters disableCNcheckdisableCNCheck="true" /> ... </http-conf:conduit> ... |
...