Standard libraryhttprecords

ListenerSecureSocket

Record: ListenerSecureSocket

Configures the SSL/TLS options to be used for HTTP service.

Closed record

Fields

  • key KeyStore | CertKey

    • Configurations associated with crypto:KeyStore or combination of certificate and (PKCS8) private key of the server

  • mutualSsl record {| verifyClient VerifyClient, cert TrustStore | string |}?

    • Configures associated with mutual SSL operations

  • protocol record {| name Protocol, versions string[ ] |}?

    • SSL/TLS protocol related options

  • certValidation record {| 'type CertValidationType, cacheSize int, cacheValidityPeriod int |}?

    • Certificate validation against OCSP_CRL, OCSP_STAPLING related options

  • ciphers string[ ](default ["TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"])

    • List of ciphers to be used eg: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  • shareSession boolean(default true)

    • Enable/Disable new SSL session creation

  • handshakeTimeout decimal?

    • SSL handshake time out

  • sessionTimeout decimal?

    • SSL session time out