Page tree
Skip to end of metadata
Go to start of metadata

FIX Antenna Java support configuring secure transport separately for each initiator session. The same configuration options can be defined for SSLFIXServer instance (will be applied to acceptor sessions, initialized by this server instance).

Please check a list of configuration options below:

PropertyDescriptionDefault value 
enableSSLEnable secure transport for the initiator session.false
keyStorePathPath to a Keystore, which contains private keys for secure connection
keyStorePasswordKeystore password
trustStorePathPath to a Truststore. Usually contains a chain of trusted certificates.
trustStorePasswordTruststore password
sslKeystoreTypeThe type of Keystore.
See the Keystore section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard types.
Examples of value: JKS, JCEKS, PKCS12, PKCS11
JKS
sslTruststoreTypeThe type of Truststore.
See the KeyStore section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard types.
Examples of value: JKS, JCEKS, PKCS12, PKCS11
JKS
sslKeystoreKeyAliasAlias filter for used entities in Keystore. The only keys with defined alias will be used for a secure connection if this property is defined.
sslTruststoreKeyAliasAlias filter for used entities in Truststore. The only certificates with defined alias will be used for a secure connection if this property is defined.
sslProtocolSSL protocol.
See the SSLContext section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard protocol names.
Examples of value: SSL, SSLv2, SSLv3, TLS, TLSv1, TLSv1.1, TLSv1.2
TLSv1.2
keyManagerAlgorithmKey manager factory algorithm name(see Customizing the Default Key Managers and Trust Managers). Possible values are SunX509, PKIXSunX509
trustManagerAlgorithmTrust manager factory algorithm name (see Customizing the Default Key Managers and Trust Managers). Possible values are SunX509, PKIX.SunX509
sslServerNeedClientAuthDefine if authentication is required for the server-side socket. This option is working only for the SSLFIXServer instancefalse

The sample of creating initiator FIX session with secure connection:

// Creating connection parameters for initiator
SessionParameters params = new SessionParameters();
params.setHost("localhost");
params.setPort(3000);
params.setSenderCompId("initiator");
params.setTargetCompId("target");
        
// Define options for secure connection
params.getConfiguration().setProperty(Configuration.ENABLE_SSL, "true");
params.getConfiguration().setProperty(Configuration.KEY_STORE_PATH, "etc/keystore.jks");
params.getConfiguration().setProperty(Configuration.KEY_STORE_PASSWORD, "keypass");
params.getConfiguration().setProperty(Configuration.TRUST_STORE_PATH, "etc/truststore.jks");
params.getConfiguration().setProperty(Configuration.TRUST_STORE_PASSWORD, "trustpass");

// Create and establish secure connection
FIXSession fixSession = params.createInitiatorSession();
fixSession.connect();
  • No labels