Description

TLS configuration - common for server and client.

Usages

Configuration options

KeyKindTypeDefault ValueDescription
cipher-suiteLISTString Enabled cipher suites for TLS communication
client-authVALUEi.h.c.t.TlsClientAuthNONEConfigure requirement for mutual TLS
enabledVALUEBooleantrueFlag indicating whether Tls is enabled
endpoint-identification-algorithmVALUEStringHTTPSIdentification algorithm for SSL endpoints
internal-keystore-providerVALUEString Provider of the key stores used internally to create a key and trust manager factories
internal-keystore-typeVALUEString Type of the key stores used internally to create a key and trust manager factories
key-manager-factory-algorithmVALUEString Algorithm of the key manager factory used when private key is defined
managerVALUEi.h.c.t.TlsManager The Tls manager
manager-discover-servicesVALUEBooleanfalseWhether to enable automatic service discovery for manager
private-keyVALUEi.h.c.p.Keys Private key to use
protocolVALUEStringTLSConfigure the protocol used to obtain an instance of javax.net.ssl.SSLContext
protocolsLISTString Enabled protocols for TLS communication
providerVALUEString Use explicit provider to obtain an instance of javax.net.ssl.SSLContext
revocationVALUEi.h.c.t.RevocationConfig Certificate revocation check configuration
secure-random-algorithmVALUEString Algorithm to use when creating a new secure random
secure-random-providerVALUEString Provider to use when creating a new secure random
session-cache-sizeVALUEInteger20480SSL session cache size
session-timeoutVALUEDurationPT24HSSL session timeout
trustLISTi.h.c.p.Keys List of certificates that form the trust manager
trust-allVALUEBooleanfalseTrust any certificate provided by the other side of communication
trust-manager-factory-algorithmVALUEString Trust manager factory algorithm

See the manifest for all available types.