Adding and Editing Listen Sockets

Before the server can process a request, it must accept the request via a listen socket, then direct the request to the correct server. When you install the Proxy Server one listen socket, ls1, is created automatically. This listen socket uses the IP address 0.0.0.0 and the port number you specified as your proxy server port number during installation. You cannot delete the default listen socket.

• General

  • Listen Socket ID. The internal name for the listen socket. You cannot change this name after a listen socket has been created.

  • IP Address. The IP address of the listen socket. This address can be in dotted-pair or IPv6 notation. It can also be 0.0.0.0, any, or ANY or INADDR_ANY (all IP addresses).

  • Port. The port number on which to create the listen socket. The values allowed are 1-65535. On UNIX, creating sockets that listen on ports 1-1024 requires superuser privileges. Configure an SSL listen socket to listen on port 443.

  • Server Name. The default server for this listen socket.

  Security

If security is disabled, only the following parameter is displayed:

• Security. Enables or disables security for the listen socket selected.

If security is enabled, the following parameters are displayed:

• Security. Enables or disables security for the listen socket selected.

  • Server Certificate Name. Select an installed certificate from the drop-down list to use for this listen socket.

  • Client Authentication. Specifies whether client authentication is required on this listen socket. This setting is Optional by default.

  • SSL Version 2. Enables or disables SSL Version 2. This setting is disabled by default.

  • SSL Version 2 Ciphers. Lists all ciphers within this suite. Select the ciphers that you want to enable for the listen socket you are editing by selecting or deselecting the boxes. The default versions are deselected.

  • SSL Version 3. Enables or disables SSL Version 3. This setting is enabled by default.

  • TLS. Enables or disables TLS, the Transport Layer Security protocol for encrypted communication. This is enabled by default.

  • TLS Rollback. Enables or disables TLS Rollback. Note that disabling TLS Rollback leaves connections vulnerable to version rollback attacks. This is enabled by default.

  • SSL Version 3 and TLS Ciphers. Lists all ciphers within this suite. Select the ciphers you want to enable for the listen socket you are editing by selecting or deselecting the boxes. The default versions are selected.

  Advanced

  • Number Of Acceptor Threads. The number of acceptor threads for the listen socket. The recommended value is the number of processors in the machine. The default is 1. The values are 1-1024.

    Protocol Family. The socket family type. The values allowed are inet, inet6, and nca. Use the value inet6 for IPv6 listen sockets. Specify nca to make use of the Solaris Network Cache and Accelerator.

Listen sockets are added, edited, and deleted using the Server Manager’s Add Listen Socket and Edit Listen Sockets pages.

Security for a listen socket has Enabled as an option only after the required certificates have been installed and until then only Disabled shows up in the drop-down box.

This section contains the following topics:

• To Configure the Proxy-Authenticates-Client Scenario

• To Configure the Content Server-Authenticates-Proxy Scenario

• To Configure the Proxy-Authenticates-Client and Content Server-Authenticates-Proxy scenario

To Add Listen Sockets

1. Access the Server Manager and click the Preferences tab.

2. Click the Add Listen Socket link.

   The Add Listen Socket page is displayed.

3. Specify the internal name for the listen socket.

   You cannot change this name after the listen socket has been created.

4. Specify the IP address of the listen socket.

   The IP address can be in dotted-pair or IPv6 notation. It can also be 0.0.0.0, any, ANY or INADDR_ANY (all IP addresses).

5. Specify the port number to create the listen socket on. The values allowed are 1 - 65535.

   On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configure an SSL listen socket to listen on port 443.

6. Specify the server name to be used in the host name section of any URLs the server sends to the client.

   This setting affects URLs that the server automatically generates but does not affect the URLs for directories and files stored in the server. This name should be the alias name if your server uses an alias.

7. From the drop-down list, specify whether security should be enabled or disabled for the listen socket.

8. Click OK.

9. Click Restart Required.

   The Apply Changes page is displayed.

10. Click the Restart Proxy Server button to apply the changes.

To Edit Listen Sockets

1. Access the Server Manager and click the Preferences tab.

2. Click the Edit Listen Sockets link.

   The Edit Listen Sockets page is displayed.

3. In the Configured Sockets table, click the link for the listen socket you want to edit.

   The Edit Listen Sockets page is displayed.

4. Make the desired changes to the options.

   For a description of the options, see the beginning of this section.

5. Click OK.

6. Click Restart Required.

   The Apply Changes page is displayed.

7. Click the Restart Proxy Server button to apply the changes.

To Delete Listen Sockets

1. Access the Server Manager and click the Preferences tab.

2. Click the Edit Listen Sockets link.

3. Select the check box next to the listen socket you want to delete and click OK.

   You will be prompted to confirm deletion. It is possible to delete any listen socket, provided it is not the only listen socket for that instance.

4. Click Restart Required.

   The Apply Changes page is displayed.

5. Click the Restart Proxy Server button to apply the changes.