This documentation is for WSO2 Enterprise Service Bus version 5.0.0. For the latest ESB, view the latest WSO2 Enterprise Integrator documentation.

All docs This doc
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

If your proxy service connects to a back-end server through a proxy server, you can enable secure socket layer (SSL) tunneling through the proxy server, which prevents any intermediary proxy services from interfering with the communication. SSL tunneling is available when your proxy service uses the HTTP PassThrough transport or the HTTP-NIO transport .

To set up Squid:

  1. Install Squid as described here.
  2. Do the following changes in the squid.cof file.

To configure SSL tunneling through the proxy server:

  1. In <ESB_HOME>/repository/conf/axis2/axis2.xml, add the following parameters to the transportSender configuration for  PassThroughHttpSender, PassThroughHttpSSLSender, HttpCoreNIOSender, and HttpCoreNIOSSLSender:

    • <parameter name="http.proxyHost" locked="false">hostName</parameter>

    • <parameter name="http.proxyPort" locked="false">portNumber</parameter>

      where  hostName  and  portNumber specify the host name and port number of the proxy server.
  2. Uncomment the following parameter in the PassThroughHttpSSLSender and HttpCoreNIOSSLSender configurations and change the value to AllowAll.

    <parameter name="HostnameVerifier">AllowAll</parameter>

For example, if the host name and port number of proxy server is localhost:8080, your transportSender configurations for PassThroughHttPSender and PassThroughHttpSSLSender would look like this:

PassThroughHTTPSender
<transportSender name="http" class="org.apache.synapse.transport.passthru.PassThroughHttpSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="http.proxyHost" locked="false">localhost</parameter>
        <parameter name="http.proxyPort" locked="false">8080</parameter>
</transportSender>
PassThroughHttpSSLSender
<transportSender name="https" class="org.apache.synapse.transport.passthru.PassThroughHttpSSLSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
            <KeyStore>
                <Location>repository/resources/security/wso2carbon.jks</Location>
                <Type>JKS</Type>
                <Password>wso2carbon</Password>
                <KeyPassword>wso2carbon</KeyPassword>
            </KeyStore>
        </parameter>
        <parameter name="truststore" locked="false">
            <TrustStore>
                <Location>repository/resources/security/client-truststore.jks</Location>
                <Type>JKS</Type>
                <Password>wso2carbon</Password>
            </TrustStore>
        </parameter>
        <parameter name="http.proxyHost" locked="false">localhost</parameter>
        <parameter name="http.proxyPort" locked="false">8080</parameter>
        <parameter name="HostnameVerifier">AllowAll</parameter>
</transportSender>
  • No labels