Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Similar to the HTTP transport, the HTTPS transport consists of a receiver implementation which comes from the Carbon core component and a sender implementation which comes from the Tomcat http connector. In fact, this transport uses exactly the same transport sender implementation as the HTTP transport . The transport receiver implementation of the HTTP transport is available in the Carbon core component. The transport sender implementation comes from the Tomcat http connector. This transport is shipped with WSO2 Carbon and all WSO2 Carbon-based products, which use this transport as the default transport, except WSO2 ESB. By default, we use non-blocking Tomcat Java connector, org.apache.coyo te.http11.Http11NioProtocol.In

Info

Although the axis2.xml file contains configurations for HTTP/S transports by default, they are not used by WSO2 products. Instead, the products use the HTTP/S transport configurations in Tomcat-level; therefore, changing the HTTP/S configurations in the axis2.xml file has no effect.

HTTPS servlet transport should be configured in the <PRODUCT_HOME>/repository/conf/tomcat/catalina-server.xml file, same as with the HTTP servlet transport. The transport class that should be specified in the catalina-server.xml file is as follows: <Connector protocol="org.apache.coyote.http11.Http11NioProtocol"/>. In addition to the configuration parameters supported by the HTTP servlet transport, HTTPS servlet transport supports the following configuration parameters:

Tip

In the transport parameter tables, the literals displayed in italics under the "Possible Values" column should be considered as fixed literal constant values. Those values can be directly put in transport configurations.

Info

Although the axis2.xml file contains configurations for HTTP/S transports by default, they are not used by WSO2 products. Instead, the products use the HTTP/S transport configurations in Tomcat-level; therefore, changing the HTTP/S configurations in the axis2.xml file has no effect.

Parameter Name

Description

Possible Values

Default Value

sslProtocol

Transport level security protocol to be used.

TLS, SSL

TLS

enableLookupsSet to  true  if you want calls to  request.getRemoteHost()  to perform DNS lookups in order to return the actual host name of the remote client. Set to  false  to skip the DNS lookup and return the IP address in String form instead (thereby improving performance). true, false 
clientAuthSet to true if you want the SSL stack to require a valid certificate chain from the client before accepting a connection. Set to want if you want the SSL stack to request a client Certificate, but not fail if one isn't presented. A false value (which is the default) will not require a certificate chain unless the client requests a resource protected by a security constraint that uses CLIENT-CERT authentication.true, false 
schemeSet this attribute to the name of the protocol you wish to have returned by calls to  request.getScheme().http, https 
secureSet this attribute to  true  if you wish to have calls to  request.isSecure()  to return  true  for requests received by this Connector. You would want this on an SSL Connector or a non SSL connector that is receiving data from a SSL accelerator, like a crypto card, a SSL appliance or even a webserver. true, false 
SSLEnabledUse this attribute to enable SSL traffic on a connector. To turn on SSL handshake/encryption/decryption on a connector set this value to true. When turning this value true you will want to set the scheme and the secure attributes as well to pass the correct request.getScheme() and request.isSecure() values to the servlets. For more information see, SSL Support.true, false 

keystore

Path to the keystore which should be used for encryption/decryption.

A valid file path to a keystore file

 

keypass

Password to access the specified keystore.

A valid password

 

...