Please see http://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLContext.html#getInstance(java.lang.String) http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SSLContext
On Sat, Aug 31, 2013 at 7:03 AM, Jeewantha Dharmaparakrama < [email protected]> wrote: > We can't pass ciphers to NIO or Passthru transport as we do in Servlet > Transport. The provided functionality to specify the SSLProtocol to make > javax.net.ssl.SSLContext. The default is "TLS". > > Jeewantha > > > On Fri, Aug 30, 2013 at 5:48 PM, Reka Thirunavukkarasu <[email protected]>wrote: > >> Hi >> >> >> On Mon, Jul 29, 2013 at 5:12 PM, Jeewantha Dharmaparakrama < >> [email protected]> wrote: >> >>> To get SSL context when making an HTTPS connection you need to do this. >>> >>> javax.net.ssl.SSLContext sslcontext = >>> javax.net.ssl.SSLContext.getInstance("TLS"); >>> >>> This depends on the JVM. For example on IBM JVM, it should be >>> SSLContext.getInstance("SSL_TLS"); [1] >>> >> >> For the oracle jdk, how do we specify the SSLv3 in the NIO transport? As >> mentioned by Isuru, we need to pass ciphers as well in order to disable >> weak and medium cipher strength. >> >> After configuring the SSLv3 with ciphers, servlet transport is working >> fine. So how can we do the same in NIO transport for oracle JDK? >> >> Thanks, >> Reka >> >> >>> [1] >>> http://publib.boulder.ibm.com/infocenter/javasdk/v6r0/index.jsp?topic=%2Fcom.ibm.java.security.component.doc%2Fsecurity-component%2Fjsse2Docs%2Fsslcontext.html >>> >>> >>> On Fri, Jul 26, 2013 at 11:06 AM, Isuru Perera <[email protected]> wrote: >>> >>>> Hi, >>>> >>>> When comparing with Tomcat configuration options for SSL [1], it seems >>>> that the SSL transports for ESB lacks support for many important >>>> configurations. >>>> >>>> AFAIK, the option to specify SSL protocol only introduced in ESB 4.7.0. >>>> >>>> On Wed, Jul 24, 2013 at 10:53 AM, Isuru Perera <[email protected]> wrote: >>>> >>>>> >>>>> Hi, >>>>> >>>>> On Tue, Jul 23, 2013 at 12:54 PM, Ramith Jayasinghe >>>>> <[email protected]>wrote: >>>>> >>>>>> So now whats the purpose of "HttpsProtocols" which is also configured >>>>>> in axis2.xml (for esb) ? >>>>>> >>>>> Could someone from ESB team please give an answer for this? >>>>> >>>> This configuration is to specify SSL protocol for HTTP transport of >>> Synapse. What we specify in tomcat configuration is for the sevlet >>> transport. >>> >>>> >>>> I think we really need to revisit the SSL transport configurations and >>>> properly document those. >>>> >>>> [1] >>>> http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support >>>> >>>>> >>>>>> >>>>>> On Tue, Jul 23, 2013 at 12:14 PM, Isuru Perera <[email protected]>wrote: >>>>>> >>>>>>> Hi all, >>>>>>> >>>>>>> Thanks Miyuru and Ramith for the information. >>>>>>> >>>>>>> This is fixed in ESB 4.7.0 with ESBJAVA-2029 [1]. >>>>>>> >>>>>>> The change is to add a parameter as follows. (I couldn't find about >>>>>>> this in ESB Docs!) >>>>>>> >>>>>>> <parameter name="SSLProtocol">...</parameter> >>>>>>> >>>>>>> I still have a doubt whether this can be used to achieve >>>>>>> StackOverflow user's requirement as there is no place to specify >>>>>>> "ciphers" >>>>>>> parameter. >>>>>>> >>>>>>> Appreciate any guidance on this. >>>>>>> >>>>>>> Thanks! >>>>>>> >>>>>>> [1] https://wso2.org/jira/browse/ESBJAVA-2029 >>>>>>> >>>>>>> >>>>>>> On Tue, Jul 23, 2013 at 9:10 AM, Isuru Perera <[email protected]>wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> This is regarding StackOverflow question [1]. >>>>>>>> >>>>>>>> Basically the user needs to configure sslProtocol + other >>>>>>>> parameters as defined in Tomcat connector [2]. >>>>>>>> >>>>>>>> I gave a quick answer by looking at the docs. I informed that those >>>>>>>> parameters can be specified in HTTPS Servlet Transport since it is >>>>>>>> based on >>>>>>>> the Tomcat connector. >>>>>>>> >>>>>>>> Please let me know how to achieve similar SSL configuration in >>>>>>>> NHTTP or PassThrough transport. >>>>>>>> >>>>>>>> Thanks! >>>>>>>> >>>>>>>> [1] >>>>>>>> http://stackoverflow.com/questions/17752636/wso2-esb-4-0-3-how-to-specify-sslprotocol-parameter-for-transport-listner-http >>>>>>>> [2] http://tomcat.apache.org/tomcat-7.0-doc/config/http.html >>>>>>>> >>>>>>>> -- >>>>>>>> Isuru Perera >>>>>>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/ >>>>>>>> Lean . Enterprise . Middleware >>>>>>>> >>>>>>>> Twitter: http://twitter.com/chrishantha | LinkedIn: >>>>>>>> http://lk.linkedin.com/in/chrishantha/ >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Isuru Perera >>>>>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/ >>>>>>> Lean . Enterprise . Middleware >>>>>>> >>>>>>> Twitter: http://twitter.com/chrishantha | LinkedIn: >>>>>>> http://lk.linkedin.com/in/chrishantha/ >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Dev mailing list >>>>>>> [email protected] >>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Ramith Jayasinghe >>>>>> Technical Lead >>>>>> WSO2 Inc., http://wso2.com >>>>>> lean.enterprise.middleware >>>>>> >>>>>> E: [email protected] >>>>>> P: +94 776715671 >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Isuru Perera >>>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/ >>>>> Lean . Enterprise . Middleware >>>>> >>>>> Twitter: http://twitter.com/chrishantha | LinkedIn: >>>>> http://lk.linkedin.com/in/chrishantha/ >>>>> >>>> >>>> >>>> >>>> -- >>>> Isuru Perera >>>> Senior Software Engineer | WSO2, Inc. | http://wso2.com/ >>>> Lean . Enterprise . Middleware >>>> >>>> Twitter: http://twitter.com/chrishantha | LinkedIn: >>>> http://lk.linkedin.com/in/chrishantha/ >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Jeewantha Dharmaparakrama >>> >>> Software Engineer; WSO2, Inc.; http://wso2.com/ >>> >>> Phone : (+94) 774726790 >>> Skype : prasad.jeewantha >>> LinkedIn : http://www.linkedin.com/in/jeewanthad >>> Twitter: https://twitter.com/jeewamp >>> Blog: http://jeewanthad.blogspot.com/ >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Reka Thirunavukkarasu >> Software Engineer, >> WSO2, Inc.:http://wso2.com, >> >> > > > -- > Jeewantha Dharmaparakrama > Software Engineer; WSO2, Inc.; http://wso2.com/ > Phone : (+94) 774726790 > Skype : prasad.jeewantha > LinkedIn : http://www.linkedin.com/in/jeewanthad > Twitter: https://twitter.com/jeewamp > Blog: http://jeewanthad.blogspot.com/ > -- Jeewantha Dharmaparakrama Software Engineer; WSO2, Inc.; http://wso2.com/ Phone : (+94) 774726790 Skype : prasad.jeewantha LinkedIn : http://www.linkedin.com/in/jeewanthad Twitter: https://twitter.com/jeewamp Blog: http://jeewanthad.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
