Record: ListenerSecureSocket
Configures the SSL/TLS options to be used for HTTP service.
Closed record
Fields
- key KeyStore | CertKey
- mutualSsl record {| verifyClient VerifyClient, cert TrustStore | string |}?
- protocol record {| name Protocol, versions string[ ] |}?
- certValidation record {| 'type CertValidationType, cacheSize int, cacheValidityPeriod int |}?
- ciphers string[ ](default ["TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"])
- handshakeTimeout decimal?
- sessionTimeout decimal?
Configurations associated with crypto:KeyStore
or combination of certificate and (PKCS8) private key of the server
Configures associated with mutual SSL operations
SSL/TLS protocol related options
Certificate validation against OCSP_CRL, OCSP_STAPLING related options
List of ciphers to be used eg: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
SSL handshake time out
SSL session time out