How to Configure SSL
Step
-
When you setup the N1 Grid Service Provisioning System applications to start automatically when the system boots
-
On Windows servers, N1 Grid Service Provisioning System applications do not prompt for keystore passwords, so this parameter must be specified for any applications configured to use SSL on Windows servers.
-
The CLI application does not prompt for keystore passwords, so this parameter must be specified for any CLI Clients that you configure to use SSL.
-
If a Local Distributor is connected to its parent through an SSH connection, the Local Distributor cannot prompt for passwords.
(Optional) Manually edit the config.properties file to change the SSL configuration.
The following table lists the settings in the config.properties file that are related to SSL configurations. Change the parameters based on the type of SSL connectivity you want to use.
|
Parameter |
Default Value |
Description |
|---|---|---|
|
net.ssl.cipher.suites |
SSL_RSA_WITH_3DES_EDE_CBC_SHA |
A comma separated list of SSL cipher suites to enable. For a list of supported SSL Cipher suite, see SSL Cipher Suites. |
|
net.ssl.client.auth |
false |
Specifies whether the SSL server should authenticate clients that are connecting to it. |
|
net.ssl.key.store.pass |
|
The keystore password. Required in some instances. See the following for more information. |
Note –
The net.ssl.key.store.pass parameter specifies the SSL keystore password for an N1 Grid Service Provisioning System 5.0 application. Use this parameter when you configure an application with SSL keystores and you do not want to be prompted for the passwords to the keystore when you start the application. You must specify this parameter in the following instances:
- © 2010, Oracle Corporation and/or its affiliates