The versions of the SSL/TLS protocol that are supported by Fuse Services Framework depend on the particular JSSE provider configured. By default, the JSSE provider is configured to be SUN’s JSSE provider implementation.
Table 2 shows the SSL/TLS protocol versions supported by SUN’s JSSE provider.
Table 2. SSL/TLS Protocols Supported by SUN’s JSSE Provider
| Protocol | Description |
|---|---|
SSL | Supports some version of SSL; may support other versions |
|
|
Supports SSL version 2 or higher |
|
|
Supports SSL version 3; may support other versions |
|
|
Supports some version of TLS; may support other versions |
|
|
Supports TLS version 1; may support other versions |
You can specify the preferred SSL/TLS protocol version as an attribute on the http:tlsClientParameters element (client side) or on the httpj:tlsServerParameters element (server side).
You can specify the protocol to be TLS on the client side by setting the secureSocketProtocol attribute as follows:
<?xml version="1.0" encoding="UTF-8"?>
<beans ... >
...
<http:conduit name="{Namespace}PortName.http-conduit">
...
<http:tlsClientParameters secureSocketProtocol="TLS">
...
</http:tlsClientParameters>
</http:conduit>
...
</beans>You can specify the protocol to be TLS on the server side by setting the secureSocketProtocol attribute as follows:
<?xml version="1.0" encoding="UTF-8"?>
<beans ... >
...
<httpj:engine-factory bus="cxf">
<httpj:engine port="9001">
...
<httpj:tlsServerParameters secureSocketProtocol="TLS">
...
</httpj:tlsClientParameters>
</httpj:engine>
</httpj:engine-factory>
...
</beans> |  |  |
 |
