To Configure SSL Parameters in the ics.conf File
To implement SSL with Calendar Server, you must set specific parameters in the ics.conf file. If any of the parameters listed in the following table are not in the ics.conf file, add them to the file with the value specified. Since the ics.conf is read only at system startup (when start-cal is issued), the new values will not take effect until the Calendar Server is restarted. For a description of these SSL parameters, see SSL Configuration.
-
Log in as an administrator with permission to change the configuration.
-
Change to the /etc/opt/SUNWics5/cal/config directory.
-
Save your old ics.conf file by copying and renaming it.
-
Edit one or more of the parameters as shown in the following table:
Parameter
Value
encryption.rsa.nssslactivation
“on”
encryption.rsa.nssslpersonalityssl
“SampleSSLServerCert”
encryption.rsa.nsssltoken
“internal”
service.http.tmpdir
“/var/opt/SUNWics5/tmp”
service.http.uidir.path
“html”
service.http.ssl.cachedir
“.”
service.http.ssl.cachesize
“10000”
service.http.ssl.certdb.password
" "(Supply an appropriate password)
service.http.ssl.certdb.path
“/var/opt/SUNWics5/alias”
service.http.ssl.port.enable
“yes”
service.http.ssl.port
"443" (Default SSL port)
Note –Not on port "80", which is the HTTP default port.
service.http.securesession
"yes" (Entire session encrypted)
service.http.ssl.sourceurl
“https”//localhost:port” (Supply the name of your local host, and the service.http.ssl.port value.)
service.http.ssl.ssl2.ciphers
““
service.http.ssl.ssl2.sessiontimeout
“0”
service.http.ssl.ssl3.ciphers
"rsa_red_40_md5,
rsa_rc2_40_md5,
rsa_des_sha,
rsa_rc4_128_md5,
rsa_3des_sha"
service.http.ssl.ssl3.sessiontimeout
“0”
service.http.sslusessl
“yes”
-
Save the file as ics.conf.
-
Restart Calendar Server for the changes to take effect.
cal_svr_base/SUNWics5/cal/sbin/start-cal
- © 2010, Oracle Corporation and/or its affiliates