diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-12-03 14:58:45 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-31 13:58:57 +0100 |
commit | e2c5dcaef7f2334e3c9e9778169ef1b917fa8760 (patch) | |
tree | 5bac7d4844e4b0363d3de2464dcbe2d6806ade47 /jdisc_http_service/src | |
parent | b9057605e9af10cb3ded03fb730474936de3041a (diff) |
Add connector config for enabled cipher suites and protocol versions
Diffstat (limited to 'jdisc_http_service/src')
-rw-r--r-- | jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def index 1122b1db3a9..fe79ec2ffa3 100644 --- a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def +++ b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def @@ -81,6 +81,12 @@ ssl.caCertificate string default="" # Client authentication mode. See SSLEngine.getNeedClientAuth()/getWantClientAuth() for details. ssl.clientAuth enum { DISABLED, WANT_AUTH, NEED_AUTH } default=DISABLED +# List of enabled cipher suites. JDisc will use Vespa default if empty. +ssl.enabledCipherSuites[] string + +# List of enabled TLS protocol versions. JDisc will use Vespa default if empty. +ssl.enabledProtocols[] string + # Enforce TLS client authentication for https requests at the http layer. # Intended to be used with connectors with optional client authentication enabled. # 401 status code is returned for requests from non-authenticated clients. |