To Set Ssl Termination Configuration Variables For Client/Traffic Server Connections - HP P4535A - Web Cache Server Appliance Administrator's Manual
Hp cache server appliance administrator guide
Hide thumbs
Also See for P4535A - Web Cache Server Appliance:
- Warranty and support information (12 pages) ,
- Manual (21 pages) ,
- Getting started manual (26 pages)
Table of Contents
Advertisement
Chapter 11
To set SSL termination configuration variables for client/Traffic Server connections:
1. Telnet into the HP web cache appliance and select Shell Access as described in
Methods‚ on page
2. Open the
records.config
3. Edit the following variables in the
Variable
proxy.config.ssl.enabled
proxy.config.ssl.server_port
proxy.config.ssl.client.certification_level
proxy.config.ssl.server.cert.filename
proxy.config.ssl.server.cert.path
proxy.config.ssl.server.private_
key.filename
proxy.config.ssl.server.private_key.path
proxy.config.ssl.CA.cert.filename
proxy.config.ssl.CA.cert.path
7.
file located in Traffic Server's
SSL Termination
directory with Vi.
config
section of the file:
Description
Set this variable to 1 to enable the SSL termination option.
Set this variable to specify the port used for SSL
communication. The default port is 443.
Set this variable to one of the following values:
O specifies that no client certificates are required.
Traffic Server does not verify client certificates during
the SSL handshake. Access to Traffic Server depends
on Traffic Server configuration options (such as access
control lists).
1 specifies that client certificates are optional. If a client
has a certificate, the certificate is validated. If the client
does not have a certificate, the client is still allowed
access to Traffic Server unless access is denied through
other Traffic Server configuration options.
2 specifies that client certificates are required. The
client must be authenticated during the SSL handshake.
Clients without a certificate are not allowed to access
Traffic Server.
Set this variable to specify the file name of Traffic
Server's SSL server certificate.
Traffic Server provides a demo server certificate called
server.pem. You can use this certificate to verify that
the SSL feature is working.
If you are using multiple server certificates, set this
variable to specify the default file name.
Set this variable to specify the location of Traffic Server's
SSL server certificate. The default directory is Traffic
Server's config directory.
Set this variable to specify the file name of Traffic
Server's private key.
Change this variable only if the private key is not located
in the Traffic Server's SSL server certificate file.
Set this variable to specify the location of the Traffic
Server's private key.
Change this variable only if the private key is not located
in the Traffic Server's SSL server certificate file.
Specify the file name of the certificate authority that client
certificates will be verified against.The default value is
NULL.
Specify the location of the certificate authority file that
client certificates will be verified against.The default
value is NULL.
Security Options
Overview of Access
95
Advertisement
Table of Contents
