Standard libraryhttprecords

ListenerSecureSocket

Record: ListenerSecureSocket

Configures the SSL/TLS options to be used for HTTP service.

Closed record

Fields

  • key KeyStore | CertKey

    • Configurations associated with crypto:KeyStore or combination of certificate and (PKCS8) private key of the server

  • mutualSsl record {| VerifyClient verifyClient = REQUIRE; crypto:TrustStore|string cert; |} ?

    • Configures associated with mutual SSL operations

  • protocol record {| Protocol name; string[] versions = []; |} ?

    • SSL/TLS protocol related options

  • certValidation record {| CertValidationType 'type = OCSP_STAPLING; int cacheSize; int cacheValidityPeriod; |} ?

    • Certificate validation against OCSP_CRL, OCSP_STAPLING related options

  • ciphers string[ ](default ["TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"])

    • List of ciphers to be used eg: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  • shareSession boolean(default true)

    • Enable/Disable new SSL session creation

  • handshakeTimeout decimal?

    • SSL handshake time out

  • sessionTimeout decimal?

    • SSL session time out