Installing A Secure Tunnel For Rsc - HP NonStop SSL Reference Manual

Installing a Secure Tunnel for RSC

To install an SSL tunnel for Remote Server Call (RSC) communication, you will need to perform the following steps:
1. On the NonStop server, install an HP NonStop SSL generic server proxy (PROXYS) process for the target TDP
server process.
2. On the workstation, install the HP NonStop SSL RemoteProxy and configure it to route plain connections to the
PROXYS process on the NonStop server.
3. Re-configure RSC to connect to the local RemoteProxy.
The following implementation instructions assume that you have RSC installed on your target NonStop system and
workstation.
To install a HP NonStop SSL PROXYS process for RSC
1. Determine the RSC Transaction Delivery Process (TDP) you want to install the secure proxy for and find out
the TCP/IP process and port number it is listening on. You may do this by examining the TDPCFG file for SET
TCPIPPORT PROCESSNAME and ADD TCPIPPORT commands. You may also check the TCPIPPORT
object with RSCCOM as in the following example:
53> RSCCOM
RSCCOM - TDP Configuration Manager - T9711D43 - (05NOV96) – System \SUPPORT
Tandem TM Remote Server Call using technology from Cornerstone Software, Inc.
Copyright (c) Cornerstone Software, Inc. 1991 - 1995. All rights reserved.
1 (( open $zrsc
Current TDP is \SUPPORT.$ZRSC - T9711D430 - (05NOV96)
2 (( status tcpipport *
Service (Port)
-------------------------------------------------------------------
RSCTEST1 (2001)
2. Select a port number that will be used for SSL RSC connections (e.g. 7502)
3. At your TACL prompt, run the HP NonStop SSL SETUP macro:
> VOLUME $SYSTEM.ZNSSSL
> RUN SETUP
Select "GENERIC SERVER" as run mode and follow the installation instructions. Enter the port number of the
TDP server as target port (e.g. 6502) and the selected SSL RSC port as SSL listening port (e.g. 7502).
The SETUP macro will create a configuration file (e.g. PXYSCF0) and an SCF IN file for the installation as
persistent process (e.g. PXYSIN0).
4. Edit the HP NonStop SSL PROXYS configuration file (e.g. PXYSCF0) to configure any additional parameters,
if desired.
5. Install the PROXYS proxy persistent process, e.g.
> SCF /IN PXYSIN0/
6. Start the HP NonStop SSL PROXYS persistent process, e.g.
> SCF START PROCESS $ZZKRN.#SSL-PROXYS-0
7. Check the log file (configured in the configuration file) to verify the PROXYS process has started correctly, e.g.
> SHOWLOG PXYSLOG *
Verify that the log contains a message of the following pattern:
$PXYS0|06Jun10 21:42:15.82|20|secure-to-plain proxy started on target host 127.0.0.1,
target port 6502, source port 7502
When logging with default log level 50, the last message of the log should then be similar to the following:
$PXYS0|29Jul12 16:31:29.37|30|-- PROXYS setup completed, starting to listen... --
HP NonStop SSL Reference Manual
Status Sessions Last Event
Started 0 TCPIPPORT started. [ 6502 ]
Installation • 21