diff options
author | Bjørn Christian Seime <bjorncs@oath.com> | 2018-09-14 08:32:01 +0200 |
---|---|---|
committer | gjoranv <gv@oath.com> | 2019-01-21 15:09:21 +0100 |
commit | 6e7198c87d0451b3ac441bb21348ab9cf71bf699 (patch) | |
tree | 1891b9d65a8f408c1fde8992314eb972d51e4cb0 /jdisc_http_service/src/main/resources | |
parent | 259d53767305223b57122e975aba9bf3ea43790e (diff) |
Remove old ssl connector config
Diffstat (limited to 'jdisc_http_service/src/main/resources')
-rw-r--r-- | jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def | 57 |
1 files changed, 0 insertions, 57 deletions
diff --git a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def index 3356eb3a100..30c74ed2c35 100644 --- a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def +++ b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def @@ -66,60 +66,3 @@ ssl.caCertificateFile string default="" # Client authentication mode. See SSLEngine.getNeedClientAuth()/getWantClientAuth() for details. ssl.clientAuth enum { DISABLED, WANT_AUTH, NEED_AUTH } default=DISABLED - - -######################################################################################### -# Config below is deprecated. Do not use -######################################################################################### - -# The name of the key to the password to the key store if in the secret store, if JKS is used. -# Must be empty with PEM -# By default this is also used to look up the password to the trust store. -ssl.keyDbKey string default="" -# TODO Rename keyDbKey to keyStorePassword after introducing custom services.xml syntax - -# Names of protocols to exclude. -ssl.excludeProtocol[].name string - -# Names of protocols to include. -ssl.includeProtocol[].name string - -# Names of cipher suites to exclude. -ssl.excludeCipherSuite[].name string - -# Names of cipher suites to include. -ssl.includeCipherSuite[].name string - -# The type of the keystore. -ssl.keyStoreType enum { JKS, PEM } default=JKS - -# JKS only - the path to the keystore. -ssl.keyStorePath string default="" - -ssl.pemKeyStore.keyPath string default="" -ssl.pemKeyStore.certificatePath string default="" - -ssl.trustStoreType enum { JKS } default=JKS - -# JKS only - the path to the truststore. -ssl.trustStorePath string default="" - -# TODO Add separate config for truststore password - -# Whether we should use keyDbKey as password to the trust store (true, default), -# or use no password with the trust store (false) -ssl.useTrustStorePassword bool default=true -# TODO Fix broken semantics with truststore and keystore password in Vespa 7 / Vespa 8 - -# The algorithm name used by the KeyManagerFactory. -ssl.sslKeyManagerFactoryAlgorithm string default="SunX509" - -# The SSL protocol passed to SSLContext.getInstance() -ssl.protocol string default="TLS" - -# The SecureRandom implementation passed to SSLEngine.init() -# Java have a default pseudo-random number generator (PRNG) for crypto operations. This default may have performance -# issues on some platform (e.g. NativePRNG in Linux utilizes a global lock). Changing the generator to SHA1PRNG may -# improve performance. Set value to empty string to use the default generator. -ssl.prng string default="" - |