| <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"></meta><title>StandardSSLContextService</title><link rel="stylesheet" href="../../../../../css/component-usage.css" type="text/css"></link></head><script type="text/javascript">window.onload = function(){if(self==top) { document.getElementById('nameHeader').style.display = "inherit"; } }</script><body><h1 id="nameHeader" style="display: none;">StandardSSLContextService</h1><h2>Description: </h2><p>Standard implementation of the SSLContextService. Provides the ability to configure keystore and/or truststore properties once and reuse that configuration throughout the application. This service can be used to communicate with both legacy and modern systems. If you only need to communicate with non-legacy systems, then the StandardRestrictedSSLContextService is recommended as it only allows a specific set of SSL protocols to be chosen.</p><h3>Tags: </h3><p>ssl, secure, certificate, keystore, truststore, jks, p12, pkcs12, pkcs, tls</p><h3>Properties: </h3><p>In the list below, the names of required properties appear in <strong>bold</strong>. Any other properties (not in bold) are considered optional. The table also indicates any default values, and whether a property supports the <a href="../../../../../html/expression-language-guide.html">NiFi Expression Language</a>.</p><table id="properties"><tr><th>Display Name</th><th>API Name</th><th>Default Value</th><th>Allowable Values</th><th>Description</th></tr><tr><td id="name">Keystore Filename</td><td>Keystore Filename</td><td></td><td id="allowable-values"></td><td id="description">The fully-qualified filename of the Keystore<br/><br/><strong>This property requires exactly one file to be provided..</strong><br/><br/><strong>Supports Expression Language: true (will be evaluated using variable registry only)</strong></td></tr><tr><td id="name">Keystore Password</td><td>Keystore Password</td><td></td><td id="allowable-values"></td><td id="description">The password for the Keystore<br/><strong>Sensitive Property: true</strong></td></tr><tr><td id="name">Key Password</td><td>key-password</td><td></td><td id="allowable-values"></td><td id="description">The password for the key. If this is not specified, but the Keystore Filename, Password, and Type are specified, then the Keystore Password will be assumed to be the same as the Key Password.<br/><strong>Sensitive Property: true</strong></td></tr><tr><td id="name">Keystore Type</td><td>Keystore Type</td><td></td><td id="allowable-values"><ul><li>BCFKS</li><li>PKCS12</li><li>JKS</li></ul></td><td id="description">The Type of the Keystore</td></tr><tr><td id="name">Truststore Filename</td><td>Truststore Filename</td><td></td><td id="allowable-values"></td><td id="description">The fully-qualified filename of the Truststore<br/><br/><strong>This property requires exactly one file to be provided..</strong><br/><br/><strong>Supports Expression Language: true (will be evaluated using variable registry only)</strong></td></tr><tr><td id="name">Truststore Password</td><td>Truststore Password</td><td></td><td id="allowable-values"></td><td id="description">The password for the Truststore<br/><strong>Sensitive Property: true</strong></td></tr><tr><td id="name">Truststore Type</td><td>Truststore Type</td><td></td><td id="allowable-values"><ul><li>BCFKS</li><li>PKCS12</li><li>JKS</li></ul></td><td id="description">The Type of the Truststore</td></tr><tr><td id="name">TLS Protocol</td><td>SSL Protocol</td><td id="default-value">TLS</td><td id="allowable-values"><ul><li>SSL <img src="../../../../../html/images/iconInfo.png" alt="Negotiate latest SSL or TLS protocol version based on platform supported versions" title="Negotiate latest SSL or TLS protocol version based on platform supported versions"></img></li><li>TLS <img src="../../../../../html/images/iconInfo.png" alt="Negotiate latest TLS protocol version based on platform supported versions" title="Negotiate latest TLS protocol version based on platform supported versions"></img></li><li>TLSv1.3 <img src="../../../../../html/images/iconInfo.png" alt="Require TLSv1.3 protocol version" title="Require TLSv1.3 protocol version"></img></li><li>TLSv1.2 <img src="../../../../../html/images/iconInfo.png" alt="Require TLSv1.2 protocol version" title="Require TLSv1.2 protocol version"></img></li><li>TLSv1.1 <img src="../../../../../html/images/iconInfo.png" alt="Require TLSv1.1 protocol version" title="Require TLSv1.1 protocol version"></img></li><li>TLSv1 <img src="../../../../../html/images/iconInfo.png" alt="Require TLSv1 protocol version" title="Require TLSv1 protocol version"></img></li></ul></td><td id="description">SSL or TLS Protocol Version for encrypted connections. Supported versions include insecure legacy options and depend on the specific version of Java used.</td></tr></table><h3>State management: </h3>This component does not store state.<h3>Restricted: </h3>This component is not restricted.<h3>System Resource Considerations:</h3>None specified.</body></html> |