FHIR Validation Services Remote Terminology Client TLS / SSL (Encryption)
The FHIR Validation Services Remote Terminology Client TLS / SSL (Encryption) configuration category includes the following configurable options:
TLS Client Authentication
TLS Enabled
TLS KeyStore Filename
TLS KeyStore Key Alias
TLS KeyStore Key Password
TLS KeyStore Password
TLS Cipher Blacklist
TLS Cipher Whitelist
TLS Protocol Blacklist
TLS Protocol Whitelist
TLS TrustStore Filename
TLS TrustStore Password
TLS: Disable SNI checking for debugging
|
TLS Client Authentication |
|
|
BOOLEAN | |
Should the listener for this module require incoming connections to authenticate using TLS Client Authentication? | |
|
|
false
|
|
|
|
TLS Enabled |
|
|
BOOLEAN | |
Should the listener for this module require TLS (i.e. SSL or HTTPS) encryption for incoming connections? | |
|
|
false
|
|
|
|
TLS KeyStore Filename |
|
|
Resource Path | |
The filename for the TLS KeyStore used to hold private keys for TLS connections. This can be in the format classpath:path/to/file.p12 or file:///path/to/file.p12 . Valid file extensions are .jks (Java Keystore) or .p12 (PKCS#12 store).
|
|
|
|
(no default) | |
|
|
TLS KeyStore Key Alias |
|
|
STRING | |
The alias for the specific key within the KeyStore that should be selected for incoming TLS connections. | |
|
|
(no default) | |
|
|
TLS KeyStore Key Password |
|
|
PASSWORD | |
The password for the specific key within the KeyStore (leave blank if the key has no password). | |
|
|
(no default) | |
|
|
TLS KeyStore Password |
|
|
PASSWORD | |
The password for the TLS KeyStore (leave blank if the store has no password). | |
|
|
(no default) | |
|
|
TLS Cipher Blacklist |
|
|
STRING | |
If specified, contains a space-separated list of ciphers that are not permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information. | |
|
|
(no default) | |
|
|
TLS Cipher Whitelist |
|
|
STRING | |
If specified, contains a space-separated list of ciphers that are permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information. | |
|
|
(no default) | |
|
|
TLS Protocol Blacklist |
|
|
STRING | |
If specified, contains a space-separated list of protocols that are not permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information. | |
|
|
(no default) | |
|
|
TLS Protocol Whitelist |
|
|
STRING | |
If specified, contains a space-separated list of protocols that are permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information. | |
|
|
(no default) | |
|
|
TLS TrustStore Filename |
|
|
Resource Path | |
The filename for the TLS TrustStore used to hold trusted certificates for TLS connections. This can be in the format classpath:path/to/file.p12 or file:///path/to/file.p12 . Valid file extensions are .jks (Java Keystore) or .p12 (PKCS#12 store).
|
|
|
|
(no default) | |
|
|
TLS TrustStore Password |
|
|
PASSWORD | |
The password for the TLS TrustStore (leave blank if the store has no password). | |
|
|
(no default) | |
|
|
TLS: Disable SNI checking for debugging |
|
|
BOOLEAN | |
If specified, disables SNI checking for any module that uses TLS (not recommended for production) | |
|
|
false
|
|
|