This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

 

If your proxy service connects to a back-end server through a proxy server, you can enable secure socket layer (SSL) tunneling through the proxy server, which prevents any intermediary proxy services from interfering with the communication. SSL tunneling is available when your proxy service uses the HTTP PassThrough transport or the HTTP-NIO transport.

 

To set up Squid:

  1. Install Squid as described here.
  2. Do the following changes in the squid.cof file.

To configure SSL tunneling through the proxy server:

  1. In <ESB_HOME>/repository/conf/axis2/axis2.xml, add the following parameters to the transportSender configuration for PassThroughHttpSender, PassThroughHttpSSLSender, HttpCoreNIOSender, and HttpCoreNIOSSLSender:

    • <parameter name="http.proxyHost" locked="false">hostIP</parameter>

    • <parameter name="http.proxyPort" locked="false">portNumber</parameter>

      where hostIP and portNumber specify the IP address and port number of the proxy server.
  2. Uncomment the following parameter in the PassThroughHttpSSLSender and HttpCoreNIOSSLSender configurations and change the value to "AllowAll".

    <parameter name="HostnameVerifier">AllowAll</parameter>

For example, if the host and port of proxy server is localhost:8080, your transportSender configurations for PassThroughHttPSender and PassThroughHttpSSLSender would look like this:

PassThroughHTTPSender
<transportSender name="http" class="org.apache.synapse.transport.passthru.PassThroughHttpSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="http.proxyHost" locked="false">localhost</parameter>
        <parameter name="http.proxyPort" locked="false">8080</parameter>
</transportSender>
PassThroughHttpSSLSender
<transportSender name="https" class="org.apache.synapse.transport.passthru.PassThroughHttpSSLSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
            <KeyStore>
                <Location>repository/resources/security/wso2carbon.jks</Location>
                <Type>JKS</Type>
                <Password>wso2carbon</Password>
                <KeyPassword>wso2carbon</KeyPassword>
            </KeyStore>
        </parameter>
        <parameter name="truststore" locked="false">
            <TrustStore>
                <Location>repository/resources/security/client-truststore.jks</Location>
                <Type>JKS</Type>
                <Password>wso2carbon</Password>
            </TrustStore>
        </parameter>
        <parameter name="http.proxyHost" locked="false">localhost</parameter>
        <parameter name="http.proxyPort" locked="false">8080</parameter>
        <parameter name="HostnameVerifier">AllowAll</parameter>
</transportSender>

 

 

 

  • No labels