Red Hat DocumentationFuse ESBToggle FramesPrintFeedback

SSL/TLS Protocol Version

Overview

The versions of the SSL/TLS protocol that are supported by Fuse Services Framework depend on the particular JSSE provider configured. By default, the JSSE provider is configured to be SUN’s JSSE provider implementation.

SSL/TLS protocol versions supported by SunJSSE

Table 2 shows the SSL/TLS protocol versions supported by SUN’s JSSE provider.

Table 2. SSL/TLS Protocols Supported by SUN’s JSSE Provider

ProtocolDescription
SSLSupports some version of SSL; may support other versions

SSLv2

Supports SSL version 2 or higher

SSLv3

Supports SSL version 3; may support other versions

TLS

Supports some version of TLS; may support other versions

TLSv1

Supports TLS version 1; may support other versions


Specifying the SSL/TLS protocol version

You can specify the preferred SSL/TLS protocol version as an attribute on the http:tlsClientParameters element (client side) or on the httpj:tlsServerParameters element (server side).

Client side SSL/TLS protocol version

You can specify the protocol to be TLS on the client side by setting the secureSocketProtocol attribute as follows:

<?xml version="1.0" encoding="UTF-8"?>
<beans ... >
  ...
  <http:conduit name="{Namespace}PortName.http-conduit">
    ...
    <http:tlsClientParameters secureSocketProtocol="TLS">
    ...
    </http:tlsClientParameters>
  </http:conduit>
  ...
</beans>

Server side SSL/TLS protocol version

You can specify the protocol to be TLS on the server side by setting the secureSocketProtocol attribute as follows:

<?xml version="1.0" encoding="UTF-8"?>
<beans ... >
  ...
  <httpj:engine-factory bus="cxf">
    <httpj:engine port="9001">
      ...
      <httpj:tlsServerParameters secureSocketProtocol="TLS">
        ...
      </httpj:tlsClientParameters>
    </httpj:engine>
  </httpj:engine-factory>
  ...
</beans>
Comments powered by Disqus