Versions Compared

Old Version 8

changes.mady.by.user Former user

Saved on

compared with

New Version 9

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagehtml/xml
<transportSender name="https" class="org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender">
    	<parameter name="non-blocking" locked="false">true</parameter>
	<parameter name="customSSLProfiles">
		<profile>
		<servers>localhost:8244</servers>
		<KeyStore>
			<Location>repository/resources/security/esb.jks</Location>
			<Type>JKS</Type>
			<Password>123456</Password>
		      <KeyPassword>123456</KeyPassword>
            	</KeyStore>
		<TrustStore>			
            <Location>repository/resources/security/esbtruststore.jks</Location>
			<Type>JKS</Type>
			<Password>123456</Password>
		</TrustStore>
		</profile>
    </parameter>
  	<parameter name="keystore" locked="false">
            <KeyStore>                
                <Location>repository/resources/security/wso2carbon.jks</Location>
                <Type>JKS</Type>
                <Password>wso2carbon</Password>
                <KeyPassword>wso2carbon</KeyPassword>
            </KeyStore>
   	</parameter>
   	<parameter name="truststore" locked="false">
            <TrustStore>               
                <Location>repository/resources/security/client-truststore.jks</Location>
                <Type>JKS</Type>
                <Password>wso2carbon</Password>
            </TrustStore>
    	</parameter>
   	<parameter name="HostnameVerifier">AllowAll</parameter>
</transportSender>

...

  • Edit the <ESB_HOME>/repository/conf/Axis2/axis2.xml file and add the  dynamicSSLProfilesConfig parameter as follows:

    Code Block
    languagexml
    <transportSender name="https" class="org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender">
    .......  
<parameter name="dynamicSSLProfilesConfig">
		<filePath>repository/conf/sslprofiles/senderprofiles.xml</filePath>
		<fileReadInterval>3600000</fileReadInterval>		
	</parameter>
	.......
</transportSender>

  • Create the senderprofiles.xml file with the following configuration in the <ESB_HOME>/repository/conf/sslprofiles directory:

    Info
    titleNote:

    You can configure the file path for the senderprofiles.xml file as required.

    Code Block
    languagexml
    titleConfiguration for senderprofiles.xml
    <parameter name="customSSLProfiles">
	<profile>
		<servers>localhost:8244,192.168.1.234:8245</servers>
		<KeyStore>
			<Location>repository/resources/security/esb.jks</Location>
			<Type>JKS</Type>
			<Password>123456</Password>
		        <KeyPassword>123456</KeyPassword>

           	</KeyStore>
		<TrustStore>			
            <Location>repository/resources/security/esbtruststore.jks</Location>
			<Type>JKS</Type>
			<Password>123456</Password>
		</TrustStore>
	</profile>
</parameter>

    The SSL profile will be applied to each request that is sent to the destination server specified within the <servers> element as the IP:Port combination.

...