SSL Client Configuration

You can specify SSL parameters for the HTTP client shared resource here.

SSL Client Configuration

The General section in the SSL Client Configuration has the following fields.

Field	Description
Package	The name of the package in which you want to create a shared resource.
Name	The name of the shared resource.
Description	A short description of the shared resource.

Basic SSL Client Configuration

This section has the following fields.

Field	Module Property	Description
Keystore Provider As Trust Store	No	The name of a keystore provider resource instance that maintains a keystore that confirms an identity.
Enable Mutual Authentication	No	Indicates whether the client in the SSL connection authenticates to the server. Select this check box to enable the identity fields.
Identity Store Provider	No	The name of keystore provider resource that maintains a keystore used to assert an identity.
Key Alias Name	Yes	The name of the alias used to access the identity.
Key Alias Password	Yes	The password for the alias.

Advanced Client SSL Configuration

This section contains the following fields.

Field	Module Property	Description
SSL Security Provider	Yes	Optional. The SSL security provider. Note: This is the name for the JSSE's cryptographic provider implementing SSLContext. If you are using non-default providers, such as PDCS#11, you might want to override it.
SSL Protocol	No	The SSL protocol to use in the SSL connection: TLSv1 TLSv1.1 TLSv1.2 SSLv3 - Use of this protocol is discouraged. The default value is TLSv1. Selecting a protocol implies the support of higher versions as well.
SSL Cipher Class	No	The number of bits in the key used to encrypt data: No Exportable Ciphers All Ciphers At Least 128 Bit More Than 128 Bit At Least 256 Bit FIPS Ciphers Explicit Ciphers The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it takes to break the encryption. The default is At Least 128 Bit.
Explicit Cipher List	Yes	A list of ciphers. Enabled when SSL Cipher Class is set to Explicit Ciphers. Use the JSSE format for ciphers names.
Verify Remote Host name	No	Indicates whether the name on the server's certificate must be verified against the server's host name. If the server's host name is different than the name on the certificate, the SSL connection fails. The name on the certificate can be verified against another name by specifying Expected Remote Hostname. Selecting this check box displays the Expected Remote Hostname field. Default: This check box is deselected.
Expected Remote Hostname	Yes	Optional. The expected name of the remote host. The default is None.

Copyright © Cloud Software Group, Inc. All rights reserved.