Configuration for the container. Contains deployment configuration attributes. This attribute is deprecated it and will be ignored. Use the system model to set ports. Http port number on which Repose listens for requests. This attribute is deprecated it and will be ignored. Use the system model to set ports. Https port number on which Repose listens for requests Deprecated: This attribute is deprecated and will be removed in future major release. An identifying string that will be returned in the Via header. Maximum size for request content in bytes. The number of seconds the JMX reporting service keeps data. The data will be reset after this amount of time. The time in milliseconds that a connection can be idle before it is closed (Default: 30000). See: http://www.eclipse.org/jetty/documentation/current/configuring-connectors.html#jetty-connectors-network-settings A value >=0 sets the socket SO_LINGER value in milliseconds. Repose (Jetty) attempts to gently close all TCP/IP connections with proper half close semantics, so a linger timeout should not be required and thus the default is -1. See: http://www.eclipse.org/jetty/documentation/current/configuring-connectors.html#jetty-connectors-network-settings The ID which specifies which cluster this configuration patch should be applied to. The time in milliseconds that a connection can be idle before it is closed (Default: 30000). See: http://www.eclipse.org/jetty/documentation/current/configuring-connectors.html#jetty-connectors-network-settings A value >=0 sets the socket SO_LINGER value in milliseconds. Repose (Jetty) attempts to gently close all TCP/IP connections with proper half close semantics, so a linger timeout should not be required and thus the default is -1. See: http://www.eclipse.org/jetty/documentation/current/configuring-connectors.html#jetty-connectors-network-settings Directory check interval in milliseconds A string that points the directory where artifacts are extracted. Clean up undeployed resources Name of the system state log config Contains the information needed to configure Repose's Via header. An identifying string that will be sent in the request Via header to the origin service. If undefined, then the hostname and servicing port will be added to the request. An identifying string that will be returned in the response Via header to the client. If undefined and the repose-version is false, then no Via header will be added to the response. Indicates whether or not the Via header will include the Repose version. If false and the response-prefix is undefined, then no Via header will be added will be add to the response. (Default: true) An identifying string that will be sent in the request Via header to the origin service. If undefined, then the hostname and servicing port will be added to the request. An identifying string that will be returned in the response Via header to the client. If undefined and the repose-version is false, then no Via header will be added to the response. Indicates whether or not the Via header will include the Repose version. If false and the response-prefix is undefined, then no Via header will be added to the response. Contains the information needed to run Repose in an SSL enabled mode. Name of the application keystore file, e.g keystore.repose The password for the entire application keystore. The password for the particular application key in the keystore. Whether to allow TLS Renegotiation. Default is to disallow. The application truststore used for validating client certificates. This is typically set to the same path as the keystore. NOTE: This element is only used if the need-client-auth attribute is True. NOTE: IF the need-client-auth attribute is True AND this element is not present, THEN the keystore will be used. The password for the application truststore. NOTE: This element is only used if the need-client-auth attribute is True AND the truststore-filename element is present. The list of protocols to include. The list of protocols to exclude. The list of ciphers to include. The list of ciphers to exclude. Indicates whether or not SSL client authentication is required. Name of the application keystore file, e.g keystore.repose The password for the entire application keystore. The password for the particular application key in the keystore. Whether to allow TLS Renegotiation. Default is to disallow. The application truststore used for validating client certificates. This is typically set to the same path as the keystore. NOTE: This element is only used if the need-client-auth attribute is True. NOTE: IF the need-client-auth attribute is True AND this element is not present, THEN the keystore will be used. The password for the application truststore. NOTE: This element is only used if the need-client-auth attribute is True AND the truststore-filename element is present. The list of protocols to include. The list of protocols to exclude. The list of ciphers to include. The list of ciphers to exclude. Indicates whether or not SSL client authentication is required. Allows you to configure Secure Protocols to be used by VALVE, not WAR deployments This is a list of protocols that can be used, must be listed by the JVM's "getSupportedProtocols" method, which will be logged, if Valve fails to initialize. http://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html?is-external=true#setEnabledProtocols%28java.lang.String[]%29 Allows you to configure cipher suites and TLS renegotiation that will be used by VALVE (not war file) for SSL and TLS. Each cipher can be an exact cipher name, or a regular expression. See: http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html for more information Specifically the parts about Enabling/Disabling Specific Cipher Suites