|
|
|
NAME
create-ssl - creates the
SSL element in the HTTP listener or IIOP listener
SYNOPSIS
create-ssl --user admin_user --password admin_password [ --host localhost ][ --port 4848 ] [ --passwordfile filename ]
[ --secure|-s ] --type [ http-listener|iiop-listener|iiop-servi ]--certname cert_name [ --instance instance_name ] [ - -ssl2enabled=false ] [ --ssl2ciphers ssl_2_ciphers ] [ - -ssl3enabled=true ] [ --ssl3tlsciphers ssl3_tls_ciphers ] [ --tlsenabled=true ][ --tlsrollbackenabled=true ][ --clientauthenabled=false ][ listener_id ]
Creates the ssl element from the HTTP listener or IIOP listener.
- --user
-
administrative
user associated for the instance.
- --password
-
administrative
password corresponding to the administrative user.
- --host
-
host name
of the machine hosting the administrative instance.
- --port
-
administrative
port number associated with the administrative host.
- --secure
-
indicates
communication with the administrative instance in secured mode.
- --passwordfile
-
file containing passwords appropriate for the command (e.g., administrative
instance).
- --instance
-
name
of the instance.
- --type
-
type of
service or listener that the SSL is created for. The type can be: http-listener,
iiop-listener, and iiop-service.
- --certname
-
nickname
of the server certificate in the certificate database or the PKCS#11 token.
In the certificate, the name format is tokenname:nickname. Including the tokenname:
part in this attribute is optional.
- --ssl2enabled
-
determines
whether SSL2 is enabled.
- --ssl2ciphers
-
a
comma separated list of the SSL2 ciphers used. Use the prefix + to enable
or - to disable. Allowed values are: rc4, rc4export, rc2, rc2export, idea, des, desede3. If
no value is specified, all supported ciphers are assumed to be enabled.
- --ssl3enabled
-
determines
whether SSL3 is enabled.
- --ssl3ciphers
-
a
comma separated list of the SSL3 ciphers used. Use the prefix + to enable
or - to disable. Allowed values are: rsa_rc4_128_md5, rsa_3des_sha, rsa_des_sha, rsa_rc4_40_md5, rsa_rc2_40_md5, rsa_null_md5.
Allowed TSL values are: rsa_des_56_sha, rsa_rc4_56_sha. If no value is specified, all supported ciphers are assumed to
be enabled.
- --tlsenabled
-
determines
whether TLS is enabled.
- --tlsrollbackenabled
-
determines whether TLS rollback is enabled. TLS rollback should be enabled
for Microsoft Internet Explorer 5.0 and 5.5.
- --clientauthenabled
-
determines whether SSL3 client authentication is performed on every request
independent of ACL-based access control.
-
listener_ID
-
the ID of the listener or service that the SSL is created for.
Example 1. Using create-ssl
asadmin> create-ssl --user admin --password adminadmin --host fuyako --port 7070 --type http-listener --certname sampleCert --instance server1 --ssl2enabled=true --ssl2ciphers +rc4,+rc2,+des --ssl3enabled=false --ssl3tlscipers +rsa_rc4_128_md,+rsa_3des_sha,+rsa_des_sha,+rsa_rc4_40_md5 --tlsenabled=false --tlsrollbackenabled=false --clientauthenabled=false http-listener-1
Created SSL in HTTP Listener
Where: SSL is created for http-listener-1.
- 0
-
command executed successfully
- 1
-
error in executing the command
HTTP Server folder, HTTP Listeners page, ORB folder, IIOP Listeners
page
delete-ssl(1)
Sun Java System Application Server | Go To Top | Last Changed 12 Feb 2004 |
Company Info
|
Contact
|
Copyright 2004 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
|