We can't pass ciphers to NIO or Passthru transport as we do in Servlet
Transport. The provided functionality to specify the SSLProtocol to make
javax.net.ssl.SSLContext. The default is "TLS".
Jeewantha
On Fri, Aug 30, 2013 at 5:48 PM, Reka Thirunavukkarasu <r...@wso2.com>wrote:
> Hi
>
>
> On Mon, Jul 29, 2013 at 5:12 PM, Jeewantha Dharmaparakrama <
> jeewan...@wso2.com> wrote:
>
>> To get SSL context when making an HTTPS connection you need to do this.
>>
>> javax.net.ssl.SSLContext sslcontext =
>> javax.net.ssl.SSLContext.getInstance("TLS");
>>
>> This depends on the JVM. For example on IBM JVM, it should be
>> SSLContext.getInstance("SSL_TLS"); [1]
>>
>
> For the oracle jdk, how do we specify the SSLv3 in the NIO transport? As
> mentioned by Isuru, we need to pass ciphers as well in order to disable
> weak and medium cipher strength.
>
> After configuring the SSLv3 with ciphers, servlet transport is working
> fine. So how can we do the same in NIO transport for oracle JDK?
>
> Thanks,
> Reka
>
>
>> [1]
>> http://publib.boulder.ibm.com/infocenter/javasdk/v6r0/index.jsp?topic=%2Fcom.ibm.java.security.component.doc%2Fsecurity-component%2Fjsse2Docs%2Fsslcontext.html
>>
>>
>> On Fri, Jul 26, 2013 at 11:06 AM, Isuru Perera <isu...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> When comparing with Tomcat configuration options for SSL [1], it seems
>>> that the SSL transports for ESB lacks support for many important
>>> configurations.
>>>
>>> AFAIK, the option to specify SSL protocol only introduced in ESB 4.7.0.
>>>
>>> On Wed, Jul 24, 2013 at 10:53 AM, Isuru Perera <isu...@wso2.com> wrote:
>>>
>>>>
>>>> Hi,
>>>>
>>>> On Tue, Jul 23, 2013 at 12:54 PM, Ramith Jayasinghe
>>>> <ram...@wso2.com>wrote:
>>>>
>>>>> So now whats the purpose of "HttpsProtocols" which is also configured
>>>>> in axis2.xml (for esb) ?
>>>>>
>>>> Could someone from ESB team please give an answer for this?
>>>>
>>> This configuration is to specify SSL protocol for HTTP transport of
>> Synapse. What we specify in tomcat configuration is for the sevlet
>> transport.
>>
>>>
>>> I think we really need to revisit the SSL transport configurations and
>>> properly document those.
>>>
>>> [1] http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support
>>>
>>>>
>>>>>
>>>>> On Tue, Jul 23, 2013 at 12:14 PM, Isuru Perera <isu...@wso2.com>wrote:
>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> Thanks Miyuru and Ramith for the information.
>>>>>>
>>>>>> This is fixed in ESB 4.7.0 with ESBJAVA-2029 [1].
>>>>>>
>>>>>> The change is to add a parameter as follows. (I couldn't find about
>>>>>> this in ESB Docs!)
>>>>>>
>>>>>> <parameter name="SSLProtocol">...</parameter>
>>>>>>
>>>>>> I still have a doubt whether this can be used to achieve
>>>>>> StackOverflow user's requirement as there is no place to specify
>>>>>> "ciphers"
>>>>>> parameter.
>>>>>>
>>>>>> Appreciate any guidance on this.
>>>>>>
>>>>>> Thanks!
>>>>>>
>>>>>> [1] https://wso2.org/jira/browse/ESBJAVA-2029
>>>>>>
>>>>>>
>>>>>> On Tue, Jul 23, 2013 at 9:10 AM, Isuru Perera <isu...@wso2.com>wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> This is regarding StackOverflow question [1].
>>>>>>>
>>>>>>> Basically the user needs to configure sslProtocol + other parameters
>>>>>>> as defined in Tomcat connector [2].
>>>>>>>
>>>>>>> I gave a quick answer by looking at the docs. I informed that those
>>>>>>> parameters can be specified in HTTPS Servlet Transport since it is
>>>>>>> based on
>>>>>>> the Tomcat connector.
>>>>>>>
>>>>>>> Please let me know how to achieve similar SSL configuration in NHTTP
>>>>>>> or PassThrough transport.
>>>>>>>
>>>>>>> Thanks!
>>>>>>>
>>>>>>> [1]
>>>>>>> http://stackoverflow.com/questions/17752636/wso2-esb-4-0-3-how-to-specify-sslprotocol-parameter-for-transport-listner-http
>>>>>>> [2] http://tomcat.apache.org/tomcat-7.0-doc/config/http.html
>>>>>>>
>>>>>>> --
>>>>>>> Isuru Perera
>>>>>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/
>>>>>>> Lean . Enterprise . Middleware
>>>>>>>
>>>>>>> Twitter: http://twitter.com/chrishantha | LinkedIn:
>>>>>>> http://lk.linkedin.com/in/chrishantha/
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Isuru Perera
>>>>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/
>>>>>> Lean . Enterprise . Middleware
>>>>>>
>>>>>> Twitter: http://twitter.com/chrishantha | LinkedIn:
>>>>>> http://lk.linkedin.com/in/chrishantha/
>>>>>>
>>>>>> _______________________________________________
>>>>>> Dev mailing list
>>>>>> Dev@wso2.org
>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Ramith Jayasinghe
>>>>> Technical Lead
>>>>> WSO2 Inc., http://wso2.com
>>>>> lean.enterprise.middleware
>>>>>
>>>>> E: ram...@wso2.com
>>>>> P: +94 776715671
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Isuru Perera
>>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/
>>>> Lean . Enterprise . Middleware
>>>>
>>>> Twitter: http://twitter.com/chrishantha | LinkedIn:
>>>> http://lk.linkedin.com/in/chrishantha/
>>>>
>>>
>>>
>>>
>>> --
>>> Isuru Perera
>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/
>>> Lean . Enterprise . Middleware
>>>
>>> Twitter: http://twitter.com/chrishantha | LinkedIn:
>>> http://lk.linkedin.com/in/chrishantha/
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Jeewantha Dharmaparakrama
>>
>> Software Engineer; WSO2, Inc.; http://wso2.com/
>>
>> Phone : (+94) 774726790
>> Skype : prasad.jeewantha
>> LinkedIn : http://www.linkedin.com/in/jeewanthad
>> Twitter: https://twitter.com/jeewamp
>> Blog: http://jeewanthad.blogspot.com/
>>
>> _______________________________________________
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Reka Thirunavukkarasu
> Software Engineer,
> WSO2, Inc.:http://wso2.com,
>
>
--
Jeewantha Dharmaparakrama
Software Engineer; WSO2, Inc.; http://wso2.com/
Phone : (+94) 774726790
Skype : prasad.jeewantha
LinkedIn : http://www.linkedin.com/in/jeewanthad
Twitter: https://twitter.com/jeewamp
Blog: http://jeewanthad.blogspot.com/
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
