Record: ListenerSecureSocket

Configures the SSL/TLS options to be used for HTTP service.

Closed record

Fields

  • key KeyStore | CertKey
  • Configurations associated with crypto:KeyStore or combination of certificate and (PKCS8) private key of the server

  • mutualSsl record {| VerifyClient verifyClient = REQUIRE; crypto:TrustStore|string cert; |} ?
  • Configures associated with mutual SSL operations

  • protocol record {| Protocol name; string[] versions = []; |} ?
  • SSL/TLS protocol related options

  • certValidation record {| CertValidationType 'type = OCSP_STAPLING; int cacheSize; int cacheValidityPeriod; |} ?
  • Certificate validation against OCSP_CRL, OCSP_STAPLING related options

  • ciphers string[ ](default ["TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"])
  • List of ciphers to be used eg: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  • shareSession boolean(default true)
  • Enable/Disable new SSL session creation

  • handshakeTimeout decimal?
  • SSL handshake time out

  • sessionTimeout decimal?
  • SSL session time out