The versions of the SSL/TLS protocol that are supported by Fuse Services Framework depend on the particular JSSE provider configured. By default, the JSSE provider is configured to be SUN’s JSSE provider implementation.
Table 4.2 shows the SSL/TLS protocol versions supported by SUN’s JSSE provider.
Table 4.2. SSL/TLS Protocols Supported by SUN’s JSSE Provider
| Protocol | Description |
|---|---|
SSL | Supports some version of SSL; may support other versions |
|
|
Supports SSL version 2 or higher |
|
|
Supports SSL version 3; may support other versions |
|
|
Supports some version of TLS; may support other versions |
|
|
Supports TLS version 1; may support other versions |
You can specify the preferred SSL/TLS protocol version as an attribute on the http:tlsClientParameters element (client side) or on the httpj:tlsServerParameters element (server side).
You can specify the protocol to be TLS on the client side by setting the secureSocketProtocol attribute as follows:
<?xml version="1.0" encoding="UTF-8"?>
<beans ... >
...
<http:conduit name="{Namespace}PortName.http-conduit">
...
<http:tlsClientParameters secureSocketProtocol="TLS">
...
</http:tlsClientParameters>
</http:conduit>
...
</beans>You can specify the protocol to be TLS on the server side by setting the secureSocketProtocol attribute as follows:
<?xml version="1.0" encoding="UTF-8"?>
<beans ... >
...
<httpj:engine-factory bus="cxf">
<httpj:engine port="9001">
...
<httpj:tlsServerParameters secureSocketProtocol="TLS">
...
</httpj:tlsClientParameters>
</httpj:engine>
</httpj:engine-factory>
...
</beans> |  |  |
 |
