SSL Server Configuration

You can specify SSL parameters for the HTTP connection here.

General

The following are the fields in the SSL Server Configuration for the HTTP connector.

The General section has the following fields.

Field	Description
Package	The name of the package in which you want to create a shared resource.
Name	The name of the shared resource.
Description	A short description of the shared resource.

Basic SSL Server Configuration

This contains the following fields.

Field	Module Property	Description
Identity Store Provider	No	Used to provide identity store.
Key Alias Name	Yes	The name of the alias used to access the identity.
Key Alias Password	Yes	The password for the alias.
Enable Mutual Authentication	No	Indicates whether the client in the SSL connection authenticates to the server. Selecting this check box displays the identity fields.
Client Auth Type	No	Select the type of client authentication from the drop-down list. The available types are: optional required
Keystore Provider as Trust Store	No	The name of a keystore provider resource instance that maintains a keystore that confirms an identity.

Advanced SSL Server Configuration

Use the following fields for advanced SSL server configuration.

Field	Module Property	Description
SSL Security Provider	Yes	Optional. The SSL security provider. Note: This is the name for the JSSE's cryptographic provider implementing SSLContext. If you are using non-default providers, such as PDCS#11 ones, you might want to override it.
SSL Protocol	No	The SSL protocol to use in the SSL connection. Select from the following options: TLSv1 TLSv1.1 TLSv1.2 SSLv3 – Use of this protocol is discouraged. The default value is TLSv1. Selecting a protocol implies the support of higher versions as well.
SSL Cipher Class	No	The number of bits in the key used to encrypt data: No Exportable Ciphers All Ciphers At Least 128 Bit More Than 128 Bit At Least 256 Bit FIPS Ciphers Explicit Ciphers
Explicit Cipher List	Yes	A list of ciphers. Enabled when SSL Cipher Class is set to Explicit Ciphers. Use the JSSE format for ciphers names.
Verify Remote Host Name	No	Indicates whether the name on the server's certificate must be verified against the server's host name. If the server's host name is different than the name on the certificate, the SSL connection fails. You can verify the name on the certificate against another name by specifying Expected Remote Hostname. Selecting this check box displays the Expected Remote Hostname field. Default: This check box is deselected.
Expected Remote Hostname	Yes	Optional. The expected name of the remote host. The default is None.

Copyright © Cloud Software Group, Inc. All rights reserved.