...
Attribute | Default | Description |
---|---|---|
| JVM default Key Managers | Key Managers to hold X509 certificates. |
| JVM default Trust Managers | TrustManagers to validate peer X509 certificates. |
| JVM default provider associated with protocol | JSSE provider name. |
| JVM default cipher suites | CipherSuites that will be supported. |
|
| filters of the supported CipherSuites that will be supported and used if available. |
|
| Certificate Constraints specification. |
| JVM default Secure Random | SecureRandom specification. |
| "TLS" | Protocol Name. Most common example are "SSL", "TLS" or "TLSv1". |
|
| Cert alias to use. Useful when keystore has multiple certs. |
enableRevocation CXF 3.1.11 | "false" | This attribute specifies whether to enable revocation when checking the client/server certificate. To enable "ocsp" this should be set to "true" (along with the Java Security property "ocsp.enable"). |
Note that from CXF 3.0.3 and 2.7.14, the SSLv3 protocol is disabled on the client side, and on the service side (if Jetty is used), unless "SSLv3" is explicitly specified for the "secureSocketProtocol" parameter.
...