SSLSocketBuilder configuration parameters
Table 5.1. SSLSocketBuilder configuration parameters. attribute key name type default description ClientAuthMode REMOTING_CLIENT_AUTH_MODE ("org.jboss.remoting.clientAuthMode") String need Determines if sockets need or want client authentication. This configuration option is only useful for sockets in the server mode. Value may be "none", "want", or "need". KeyAlias REMOTING_KEY_ALIAS ("org.jboss.remoting.keyAlias") String The preferred identity in key store to be used by key managers KeyPassword REMOTING_KEY_PASSWORD ("org.jboss.remoting.keyPassword") String Sets the password to use for the keys within the key store. This only needs to be set if setUseSSLServerSocketFactory() is set to false (otherwise will be ignored). If this value is not set, but the key store password is, it will use that value for the key password. KeyStoreAlgorithm REMOTING_KEY_STORE_ALGORITHM ("org.jboss.remoting.keyStoreAlgorithm") String SunX509 The algorithm for the key manager factory. KeyStorePassword REMOTING_KEY_STORE_PASSWORD ("org.jboss.remoting.keyStorePassword") String The password to use for the key store. This only needs to be set if setUseSSLServerSocketFactory() is set to false (otherwise will be ignored). The value passed will also be used for the key password if the latter attribute is not explicitly set. KeyStoreType REMOTING_KEY_STORE_TYPE ("org.jboss.remoting.keyStoreType") String JKS The type to be used for the key store. Some acceptable values are JKS (Java Keystore - Sun's keystore format), JCEKS (Java Cryptography Extension keystore - More secure version of JKS), and PKCS12 (Public-Key Cryptography Standards #12 keystore - RSA's Personal Information Exchange Syntax Standard). These are not case sensitive. KeyStoreURL REMOTING_KEY_STORE_FILE_PATH ("org.jboss.remoting.keyStore") String Property used to define where SSLSocketBuilder will look for the keystore file. This can be relative to the thread's classloader or can be an absolute path on the file system or can be a URL. It can also be set to "NONE", in which case the keystore will be initialized but not populated from a file. This feature might be useful in the case of a PKCS#11 smart card. Provider none java.security.Provider Java Security API implementation to use. ProviderName REMOTING_SSL_PROVIDER_NAME ("org.jboss.remoting.sslProviderName") String Name of Java Security API implementation to use. SecureRandom none java.security.SecureRandom new SecureRandom() Random number generator to use. SecureSocketProtocol REMOTING_SSL_PROTOCOL ("org.jboss.remoting.sslProtocol") String TLS The protocol for the SSLContext. Some acceptable values are TLS, SSL, and SSLv3 ServerAuthMode REMOTING_SERVER_AUTH_MODE ("org.jboss.remoting.serverAuthMode") boolean/String true Determines if a client should attempt to authenticate a server certificate as one it trusts. ServerSocketUseClientMode REMOTING_SERVER_SOCKET_USE_CLIENT_MODE ("org.jboss.remoting.serversocket.useClientMode") boolean/String false Determines if the server sockets will be in client or server mode. SocketUseClientMode REMOTING_SOCKET_USE_CLIENT_MODE ("org.jboss.remoting.socket.useClientMode") boolean/String true Determines if the sockets will be in client or server mode. TrustStoreAlgorithm REMOTING_TRUST_STORE_ALGORITHM ("org.jboss.remoting.trustStoreAlgorithm") String value of KeyStoreAlgorithm, or SunX509 if KeyStoreAlgorithm is not set trust store key management algorithm TrustStorePassword REMOTING_TRUST_STORE_PASSWORD ("org.jboss.remoting.trustStorePassword") String trust store password TrustStoreType REMOTING_TRUST_STORE_TYPE ("org.jboss.remoting.trustStoreType") String value of KeyStoreType, or JKS if KeyStoreType is not set type of trust store TrustStoreURL REMOTING_TRUST_STORE_FILE_PATH ("org.jboss.remoting.trustStore") String location of trust store. It can also be set to "NONE", in which case the truststore will be initialized but not populated from a file. This feature might be useful in the case of a PKCS#11 smart card. UseSSLServerSocketFactory none boolean true Determines if default SSLServerSocketFactory should be created. UseSSLSocketFactory none boolean true Determines if default SSLSocketFactory should be created.