SSL/TLS properties

All SSL/TLS properties are defined within the ssl object in theItential Platform service instance configuration for the adapter.

Properties

Property	Type	Required	Description
`ecdhCurve`	string	No → `""`	Fixes a PROTO error that can occur when connecting with Node.js 8 or Node.js 9. If you encounter this error, set this property to `"auto"`. This property has no other purpose.
`enabled`	boolean	Yes	Determines whether the external system has SSL/TLS enabled.
`accept_invalid_certs`	boolean	Yes (if SSL enabled)	When `true`, the adapter ignores invalid certificates. Only set this to `true` in lab environments.
`ca_file`	string	Yes (if SSL enabled and not accepting invalid certs)	Fully qualified path to the CA file used for SSL.
`key_file`	string	No	Fully qualified path to the key file used for SSL.
`cert_file`	string	No	Fully qualified path to the certificate file used for SSL.
`secure_protocol`	string	No	The secure protocol to use for the SSL handshake.
`ciphers`	string	Yes (if SSL enabled)	Hyphen-separated list of acceptable ciphers.

Example

This example configures SSL for a production environment using a CA file at /root/mycafile and SSL 3.0. No ciphers are specified.

1 "ssl": {
2   "ecdhCurve": "",
3   "enabled": true,
4   "accept_invalid_cert": false,
5   "ca_file": "/root/mycafile",
6   "key_file": "",
7   "cert_file": "",
8   "secure_protocol": "SSLv3_method",
9   "ciphers": ""
10 }

Never set accept_invalid_certs to true in production. This setting is only appropriate for lab environments.

1	"ssl": {
2	"ecdhCurve": "",
3	"enabled": true,
4	"accept_invalid_cert": false,
5	"ca_file": "/root/mycafile",
6	"key_file": "",
7	"cert_file": "",
8	"secure_protocol": "SSLv3_method",
9	"ciphers": ""
10	}