SSL Client Provider
The SSL Client Provider resource template maintains the credentials required by an SSL client.
| Field | Required? | Editable? | Accepts SVars? | Description |
|---|---|---|---|---|
| Keystore Provider as Trust Store | Y | Y | Y | The name of a Keystore Provider resource that maintains the keystore that confirms an identity. |
| Enable Access to Trust Store | N | N | N | Enables access to a trust credential store. To establish SSL connections, certain third-party systems, such as MySQL, require access to a keystore file location. In such situations, the Administrator provides a copy of the credentials in a keystore. The credentials are written to the disk and used by the third party as the SSL credential store. Default: Checked |
| Enable Mutual Authentication | N | Y | N | Indicates whether the client in the SSL connection authenticates with the server. When selected, the identity fields are enabled. Default: Unchecked |
| Keystore Provider Having Identity | Y | Y | Y | Name of Keystore Provider resource that maintains a keystore used to assert an identity. |
| Enable Access to Credential Store Containing Identity | N | N | N |
Enables access to an identity keystore. To establish SSL connections, certain third-party systems, such as MySQL, require access to a keystore file location. In such situations, the Administrator provides a copy of credentials in a keystore which are written to the disk and used by the third party as the SSL credential store. To prevent the Administrator from providing credentials, clear the check box. Default: Unchecked |
| Key Alias To Access Identity | Y | Y | Y | Name of the alias used to access the identity. Default: None |
| Key Alias Password | Y | Y | Y |
Password for the alias. Note: If you try to update the existing encrypted password then the existing password will be removed. You can add a new password. |
| Max Pool Size | N | Y | Y |
Specifies the maximum number of connections in the connection pool. Default: 20 |
| Field | Required? | Editable? | Accepts SVars? | Description |
|---|---|---|---|---|
| SSL Security Provider | N | Y | Y | (Optional) The SSL security provider. |
| SSL Protocol | N | Y | N |
The SSL protocol to use in the SSL connection:
Default: TLSv1.2 |
| SSL Cipher Class | N | Y | N |
The number of bits in the key used to encrypt data:
The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it takes to break the encryption. Default: At Least 128 Bit |
| Explicit Cipher List | N | Y | Y | A list of ciphers. Enabled when SSL Cipher Class is set to Explicit Ciphers. Use the JSSE format for ciphers names. Default: None |
| Verify Remote Hostname | N | N | N |
Indicates whether the name on the server's certificate must be verified against the server's hostname. If the server's hostname is different than the name on the certificate, the SSL connection fails. The name on the certificate can be verified against another name by specifying Expected Remote Hostname. When selected, the Expected Remote Hostname field is enabled. Default: Unchecked |
| Expected Remote Hostname | N | Y | Y | The expected name of the remote host. Default: None |