TLS / SSL (Encryption)
The TLS / SSL (Encryption) configuration category includes the following configurable options:
TLS KeyStore Filename
TLS KeyStore Password
TLS KeyStore Key Alias
TLS KeyStore Key Password
TLS Enabled
TLS Client Authentication
TLS TrustStore Filename
TLS TrustStore Password
TLS Cipher Whitelist
TLS Cipher Blacklist
TLS Protocol Whitelist
TLS Protocol Blacklist
|
|
LOCAL_FILEPATH | |
The filename for the TLS KeyStore used to hold private keys for TLS connections. This can be in the format classpath:path/to/file.p12 or file:///path/to/file.p12 . Valid file extensions are .jks (Java Keystore) or .p12 (PKCS#12 store).
|
|
(no default) | |
Yes |
|
|
PASSWORD | |
The password for the TLS KeyStore (leave blank if the store has no password). | |
(no default) | |
Yes |
|
|
STRING | |
The alias for the specific key within the KeyStore that should be selected for incoming TLS connections. | |
(no default) | |
Yes |
|
|
PASSWORD | |
The password for the specific key within the KeyStore (leave blank if the key has no password). | |
(no default) | |
Yes |
|
|
BOOLEAN | |
Should the listener for this module require TLS (i.e. SSL or HTTPS) encryption for incoming connections? | |
false
|
|
No |
|
|
BOOLEAN | |
Should the listener for this module require incoming connections to authenticate using TLS Client Authentication? | |
false
|
|
No |
|
|
LOCAL_FILEPATH | |
The filename for the TLS TrustStore used to hold trusted certificates for TLS connections. This can be in the format classpath:path/to/file.p12 or file:///path/to/file.p12 . Valid file extensions are .jks (Java Keystore) or .p12 (PKCS#12 store).
|
|
(no default) | |
Yes |
|
|
PASSWORD | |
The password for the TLS TrustStore (leave blank if the store has no password). | |
(no default) | |
Yes |
|
|
STRING | |
If specified, contains a space-separated list of ciphers that are permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information. | |
(no default) | |
Yes |
|
|
STRING | |
If specified, contains a space-separated list of ciphers that are not permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information. | |
(no default) | |
Yes |
|
|
STRING | |
If specified, contains a space-separated list of protocols that are permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information. | |
(no default) | |
Yes |
|
|
STRING | |
If specified, contains a space-separated list of protocols that are not permitted for use by TLS clients. See Selecting Ciphers and Protocol for more information. | |
(no default) | |
Yes |