The TLSClientParameters are listed here and here.
Attribute |
Default |
Since |
Description |
---|---|---|---|
|
|
|
Certificate Constraints specification. |
|
default sslContext cipher suites |
|
CipherSuites that will be supported. |
|
|
|
filters of the supported CipherSuites that will be supported and used if available. |
|
|
2.0.5 |
Indicates whether that the hostname given in the HTTPS URL will be checked against the service's Common Name (CN) given in its certificate during SOAP client requests, and failing if there is a mismatch. If set to |
|
default JVM provider associated with protocol |
|
JSSE provider name. |
|
JVM default Key Managers |
|
Key Managers to hold X509 certificates. |
|
JVM default Secure Random |
|
SecureRandom specification. |
|
"TLS" |
|
Protocol Name. Most common example are "SSL", "TLS" or "TLSv1". |
|
JVM default Trust Managers |
|
TrustManagers to validate peer X509 certificates. |
|
|
2.2.7 |
specifies if HttpsURLConnection.getDefaultSSLSocketFactory() should be used to create https connections. If ' |
|
|
2.2.7 |
This attribute specifies if HttpsURLConnection.getDefaultHostnameVerifier() should be used to create https connections. If ' |
Note : disableCNcheck
is a parameterized boolean, you can use a fixed variable true
|false
as well as a Spring externalized property variable (e.g. ${disable-https-hostname-verification
}) or a Spring expression (e.g. #{systemProperties['dev-mode']
}).
Sample :
... <http-conf:conduit name="{http://example.com/}HelloWorldServicePort.http-conduit"> <!-- deactivate HTTPS url hostname verification (localhost, etc) --> <!-- WARNING ! disableCNcheck=true should NOT be used in production --> <http-conf:tlsClientParameters disableCNcheck="true" /> ... </http-conf:conduit> ...