1. Manuals
  2. Brands
  3. Novell Manuals
  4. Software
  5. BUSINESS CONTINUITY CLUSTERING 1.1 SP2 -...
  6. Administration manual

Disabling Ssl For Inter-Cluster Communication - Novell BUSINESS CONTINUITY CLUSTERING 1.1 SP2 - ADMINISTRATION Administration Manual

Hide thumbs
Table of Contents

Advertisement

10.2.3 Disabling SSL for Inter-Cluster Communication

Disabling SSL for inter-cluster communication should only be done for debugging purposes, and
should not be done in a production environment or for an extended period of time.
To turn off SSL for inter-cluster communication, or to specify a different communication port, you
need to modify the Novell Cluster Services
eDirectory management tool such as iManager or ConsoleOne
Administration Guide for information on using iManager.
Disabling SSL communication to a specific peer cluster requires changing the BCC management
address to the peer cluster. The address is contained in the NCS:BCC Peers attribute that is stored on
the NCS Cluster object.
For example, a default NCS:BCC Peers attribute could appear similar to the following example
where https:// is assumed and is never specified explicitly:
<peer>
<cluster>chicago_cluster</cluster>
<tree>DIGITALAIRLINES-TREE</tree>
<address>10.1.1.10</address>
</peer>
To disable SSL for inter-cluster communication, you would change the <address> attribute to
specify http:// with the IP address, as shown in the following example:
<peer>
<cluster>chicago_cluster</cluster>
<tree>DIGITALAIRLINES-TREE</tree>
<address>http://10.1.1.10</address>
</peer>
The BCC management address of
communication.
The BCC management port can also be changed by modifying the NCS:BCC Peers attribute values.
The default ports for secure and non-secure inter-cluster communication are 5989 and 5988
respectively.
For example, if you want to change the secure port on which OpenWBEM listens from port 5989 to
port 1234, you would change the
<peer>
<cluster>chicago_cluster</cluster>
<tree>DIGITALAIRLINES-TREE</tree>
<address>10.1.1.10:1234</address>
</peer>
The attribute now specifies that inter-cluster communication uses HTTPS over port number 1234.
The NCS:BCC Peers attribute has a value for each peer cluster in the BCC. Attribute values are
synchronized among peer clusters by the BCC-specific Identity Manager driver, so a change to an
attribute value on one cluster causes that attribute value to be synchronized to each peer cluster in
the BCC.
Cluster object that is stored in eDirectory by using an
TM
now specifies non-secure HTTP
chicago_cluster
attribute value in the above examples to:
<address>
®
. See the Novell iManager 2.7
Security Considerations 119

Advertisement

Table of Contents
loading

Related Manuals for Novell BUSINESS CONTINUITY CLUSTERING 1.1 SP2 - ADMINISTRATION

Related Content for Novell BUSINESS CONTINUITY CLUSTERING 1.1 SP2 - ADMINISTRATION

Table of Contents