このコンテンツは選択した言語では利用できません。

6.2. Transport Security Properties


The following properties can be set when defining the transport security setting for a transport.
Expand
Table 6.1. SSL Properties
Setting Description Default Value
mode
Options are: disabled, login, or enabled.
If set to disabled, no transport or message level encryption will be used.
If set to login, only the login traffic will be encrypted at a message level using 128 bit AES with an ephemeral DH key exchange. This only applies to the teiid transport. (No other configuration values are required in this mode.)
If set to enabled, traffic will be encrpyted using SSL according to the configuration properties below. teiid transport clients must connect using SSL with the mms protocol. ODBC pg transport clients may optionally use SSL.
login
keystore/name The filename of the keystore that contains the private key of the server. The file name can be specified relative to the JBoss Data Virtualization deployer classloader or by absolute file system path. A typical installation would place the keystore file in the EAP_HOME/MODE/configuration directory. cert.keystore
keystore/password The password used to access the keystore.
keystore/type The keystore type created by the keytool. JKS
keystore/key-alias The keystore key-alias created by the keytool.
ssl-protocol Type of SSL protocol to be used. TLSv1
keymanagement-algorithm Type of key algorithm to be used.
truststore/name If authentication-mode is set to 2-way, this property must be provided. This is the truststore that contains the public key for the client. Depending on how you created the keystore and truststores, this may be the same as the file specified for keystore/name. cert.truststore
truststore/password The password used to access the truststore.
authentication-mode Options are 1-way, 2-way and anonymous. 1-way
enabled-cipher-suites A comma separated list of cipher suites allowed for encryption between the client and server. The values must be supported by the JVM, otherwise the SSL connections will fail.

Note

Both anonymous SSL and login only encryption are configured to use 128 bit AES encryption by default. By default, 1-way and 2-way SSL allow for cipher suite negotiation based upon the default cipher suites supported by the respective Java platforms of the client and server. Administrators can restrict the cipher suites used for encryption by setting the enabled-cipher-suites property.
This defaults to all supported cipher suites for the virtual machine.

Note

You will typically use the CLI to modify the transport configuration.

Warning

Red Hat recommends to encrypt passwords in production systems. Refer to the JBoss Enterprise Application Platform Security Guide for information about the Password Vault.
トップに戻る
Red Hat logoGithubredditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。 最新の更新を見る.

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

Theme

© 2025 Red Hat