Skip Headers
Oracle® Traffic Director Command-Line Reference
11g Release 1 (11.1.1.7)
Part Number E21037-03
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
PDF · Mobi · ePub

set-ssl-prop

Syntax

tadm set-ssl-prop common_options --config=config_name (--http-listener=name|--tcp-listener=name) (property_name=property_value)+

Description

Use this command to set the SSL properties for a listener. SSL is a software library establishing a secure connection between the client and server. SSL is used to implement HTTPS, the secure version of HTTP.

Options

For information about common_options, run the help command.

--config|-c

Specify the name of the configuration to set SSL properties.

--http-listener|-r

Specify the name of the HTTP listener.

--tcp-listener|-t

Specify the name of the TCP listener.

Operands

property-name=property-value

Specify name=value pairs for one or more properties that you want to define. The name=value pairs should be separated by spaces.

You can set the following HTTP properties:

enabled: Specifies whether SSL support is enabled for the listener.
Values: true, false. Default: true.

strict-sni-vs-host-match: Specifies that if the value is false, the default certificate is sent to clients which do not support SNI (Server Name Indication) extension.
Values: true, false. Default: false.

tls-session-tickets-enabled: Specifies whether TLS session Ticket Extension feature is enabled.
Values: true, false. Default: true.

server-cert-nickname: Specifies the nickname of the certificate that the server presents to the clients.
Values: zero or one for RSA and zero or one for ECC.

Note:

The property server-cert-nickname enables you to specify multiple values, with each value enclosed in quotes and separated by commas.

ssl3: Specifies whether SSL3 connections are accepted.
Values: true, false. Default: true.

tls: Specifies whether TLS connections are accepted.
Values: true, false. Default: true.

client-auth: Specifies the method of client certificate authentication.
Values: required, optional, or false. When you choose required option, the server requests the client for a certificate; if the client does not provide a certificate, the connection is closed. When you choose optional option, the server requests the client for a certificate, but does not require it. The connection is established even if the client does not provide a certificate. Default: false. The client authentication is disabled by default.

client-auth-timeout: Indicates the duration (in seconds) after which a client authentication handshake fails.
Values: 0.001 to 3600.

max-client-auth-data: Specifies the number of characters of authentication data that the server can buffer.
Values: 0 to 2147483647.

To reset a property to its default value, do not provide a property value.
For example, property-name=<empty_string>

Example

tadm set-ssl-prop --user=admin --host=admin.example.com 
--password-file=./admin.passwd --port=8989 
--no-prompt --config=www.example.org --http-listener=config1_ls max-client-auth-data=18976 client-auth-timeout=200

Exit Codes

The following exit values are returned:

0: command executed successfully

>0: error in executing the command

For more information about exit codes and syntax notations, run the help command.

See Also

help, get-ssl-prop

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us