SSL Client Shared Resource

You can specify SSL parameters for the HTTP Client shared resource.

General

In the General panel, you can specify the general information of the SSL Client shared resource.

The following table lists the configurations in the General panel of the SSL Client shared resource:

Field Module Property? Description
Package No The name of the package where the new shared resource is added.
Name No The name to be displayed as the label for the shared resource in the process.
Description No A short description for this shared resource.

Basic SSL Client Configuration

In the Basic SSL Client Configuration panel, you can specify the basic configurations of the SSL Client shared resource.

The following table lists the configurations in the Basic SSL Client Configuration panel of the SSL Client shared resource:

Field Module Property? Description
Keystore Provider as Trust Store No The name of a keystore provider resource instance that maintains a keystore that confirms an identity.

For details, see Keystore Provider Shared Resource.

Enable Mutual Authentication No Authentication of the client to the server in the SSL connection.

Select this check box when authenticating messages.

When you select this check box, the configurations of identity provider fields are displayed.

This check box is not selected by default.

Identity Store Provider No The name of keystore provider resource that maintains a keystore used to assert an identity.

This field is only displayed when you select the Enable Mutual Authentication check box.

For details, see Identity Provider Shared Resource.

Key Alias Name Yes The name of the alias used to access the identity.

This field is only displayed when you select the Enable Mutual Authentication check box.

Key Alias Password Yes The password for the alias.

This field is only displayed when you select the Enable Mutual Authentication check box.

Advanced SSL Client Configuration

In the Advanced SSL Client Configuration panel, you can specify the advanced configurations of the SSL Client shared resource.

The following table lists the configurations in the Advanced SSL Client Configuration panel of the SSL Client shared resource:

Field Module Property? Description
SSL Security Provider Yes Optional. The SSL security provider.
SSL Protocol No The SSL protocol to be used in the SSL connection:
  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • SSLv3: it is not good practice to use this protocol.

Selecting a protocol implies the support of higher versions.

The default value is TLSv1.

SSL Cipher Class No The number of bits in the key used to encrypt data:
  • No Exportable Ciphers
  • All Ciphers
  • At Least 128 Bit
  • More Than 128 Bit
  • At Least 256 Bit
  • FIPS Ciphers
  • Explicit Ciphers

The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it takes to break the encryption.

The default value is At Least 128 Bit.

Explicit Cipher List Yes A list of ciphers.

Use the Java Secure Socket Extension (JSSE) format for ciphers names.

This field is only displayed when you select Explicit Ciphers from the SSL Cipher Class list.

Verify Remote Host Name No The verification of the name on the certificate of the server against the host name of the server.

If the host name of the server is different than the name on the certificate, the SSL connection fails. The name on the certificate can be verified against another name by specifying the value in the Expected Remote Hostname field.

This check box is not selected by default.

When you select this check box, the Expected Remote Hostname field is displayed.

Expected Remote Hostname Yes Optional. The expected name of the remote host.

This field is only displayed when you select the Verify Remote Host Name check box.