SSL Client Configuration
You can specify SSL parameters for the HTTP client shared resource here.
SSL Client Configuration
The General section in the SSL Client Configuration has the following fields.
Field | Description |
---|---|
Package | The name of the package in which you want to create a shared resource. |
Name | The name of the shared resource. |
Description | A short description of the shared resource. |
Basic SSL Client Configuration
This section has the following fields.
Field | Module Property | Description |
---|---|---|
Keystore Provider As Trust Store | No | The name of a keystore provider resource instance that maintains a keystore that confirms an identity. |
Enable Mutual Authentication | No | Indicates whether the client in the SSL connection authenticates to the server. Select this checkbox to enable the identity fields. |
Identity Store Provider | No | The name of the keystore provider resource that maintains a keystore used to assert an identity. |
Key Alias Name | Yes | The name of the alias used to access the identity. |
Key Alias Password | Yes | The password for the alias. |
Advanced Client SSL Configuration
This section contains the following fields.
Field | Module Property | Description |
---|---|---|
SSL Security Provider | Yes | Optional. The SSL security provider.
Note: This is the name for the JSSE's cryptographic provider implementing SSLContext. If you are using non-default providers, such as PDCS#11, you might want to override it.
|
SSL Protocol | No | The SSL protocol to use in the SSL connection:
The default value is TLSv1.2. Selecting a protocol implies the support of higher versions as well. Note:
|
SSL Cipher Class | No | The number of bits in the key used to encrypt data:
The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it takes to break the encryption. The default is At Least 128 Bit. |
Explicit Cipher List | Yes | A list of ciphers. Enabled when SSL Cipher Class is set to Explicit Ciphers. Use the JSSE format for ciphers names. |
Verify Remote Host name | No | Indicates whether the name on the server's certificate must be verified against the server's host name. If the server's host name is different than the name on the certificate, the SSL connection fails. The name on the certificate can be verified against another name by specifying
Expected Remote Hostname.
Selecting this checkbox displays the Expected Remote Hostname field. Default: This checkbox is deselected. |
Expected Remote Hostname | Yes | Optional. The expected name of the remote host.
The default is None. |