diff --git a/akka-docs/rst/java/http/client-side/https-support.rst b/akka-docs/rst/java/http/client-side/https-support.rst index ad7082e760..74cb0ef714 100644 --- a/akka-docs/rst/java/http/client-side/https-support.rst +++ b/akka-docs/rst/java/http/client-side/https-support.rst @@ -45,6 +45,19 @@ to rely on the configured default client-side ``HttpsContext``. If no custom ``HttpsContext`` is defined the default context uses Java's default TLS settings. Customizing the ``HttpsContext`` can make the Https client less secure. Understand what you are doing! +SSL-Config +---------- + +Akka HTTP heavily relies on, and delegates most configuration of any SSL/TLS related options to +`Lightbend SSL-Config`_, which is a library specialized in providing an secure-by-default SSLContext +and related options. + +Please refer to the `Lightbend SSL-Config`_ documentation for detailed documentation of all available settings. + +SSL Config settings used by Akka HTTP (as well as Streaming TCP) are located under the `akka.ssl-config` namespace. + +.. _Lightbend SSL-Config: http://typesafehub.github.io/ssl-config/ + Detailed configuration and workarounds -------------------------------------- diff --git a/akka-docs/rst/scala/http/client-side/https-support.rst b/akka-docs/rst/scala/http/client-side/https-support.rst index c3b421425b..be6acf317a 100644 --- a/akka-docs/rst/scala/http/client-side/https-support.rst +++ b/akka-docs/rst/scala/http/client-side/https-support.rst @@ -45,6 +45,19 @@ to rely on the configured default client-side ``HttpsContext``. If no custom ``HttpsContext`` is defined the default context uses Java's default TLS settings. Customizing the ``HttpsContext`` can make the Https client less secure. Understand what you are doing! +SSL-Config +---------- + +Akka HTTP heavily relies on, and delegates most configuration of any SSL/TLS related options to +`Lightbend SSL-Config`_, which is a library specialized in providing an secure-by-default SSLContext +and related options. + +Please refer to the `Lightbend SSL-Config`_ documentation for detailed documentation of all available settings. + +SSL Config settings used by Akka HTTP (as well as Streaming TCP) are located under the `akka.ssl-config` namespace. + +.. _Lightbend SSL-Config: http://typesafehub.github.io/ssl-config/ + Detailed configuration and workarounds -------------------------------------- diff --git a/akka-docs/rst/scala/http/low-level-server-side-api.rst b/akka-docs/rst/scala/http/low-level-server-side-api.rst index 7e61dddabf..194e18fa4f 100644 --- a/akka-docs/rst/scala/http/low-level-server-side-api.rst +++ b/akka-docs/rst/scala/http/low-level-server-side-api.rst @@ -155,6 +155,21 @@ optional ``httpsContext`` parameter, which can receive the HTTPS configuration i instance. If defined encryption is enabled on all accepted connections. Otherwise it is disabled (which is the default). +For detailed documentation for client-side HTTPS support refer to :ref:`clientSideHTTPS`. + +SSL-Config +---------- + +Akka HTTP heavily relies on, and delegates most configuration of any SSL/TLS related options to +`Lightbend SSL-Config`_, which is a library specialized in providing an secure-by-default SSLContext +and related options. + +Please refer to the `Lightbend SSL-Config`_ documentation for detailed documentation of all available settings. + +SSL Config settings used by Akka HTTP (as well as Streaming TCP) are located under the `akka.ssl-config` namespace. + +.. _Lightbend SSL-Config: http://typesafehub.github.io/ssl-config/ + .. _http-server-layer-scala: Stand-Alone HTTP Layer Usage diff --git a/akka-stream/src/main/resources/reference.conf b/akka-stream/src/main/resources/reference.conf index d0e736ce55..845ade285e 100644 --- a/akka-stream/src/main/resources/reference.conf +++ b/akka-stream/src/main/resources/reference.conf @@ -93,8 +93,6 @@ akka { # configure overrides to ssl-configuration here (to be used by akka-streams, and akka-http – i.e. when serving https connections) ssl-config { - # due to still supporting JDK6 in this release - # TODO once JDK 8 is required switch this to TLSv1.2 (or remove entirely, leave up to ssl-config to pick) - protocol = "TLSv1" + protocol = "TLSv1.2" } }