set-ssl-prop

Syntax

tadm set-ssl-prop common_options --config=config_name (--http-listener=name|--tcp-listener=name) (property_name=property_value)+

Description

Use this command to set the SSL properties for a listener. SSL is a software library establishing a secure connection between the client and server. SSL is used to implement HTTPS, the secure version of HTTP.

Options

For information about common_options, run the help command.

--config|-c

Specify the name of the configuration for which you want to set SSL properties.

--http-listener|-r

Specify the name of the HTTP listener.

--tcp-listener|-t

Specify the name of the TCP listener.

Operands

property-name=property-value

Specify name=value pairs for one or more properties that you want to define. The name=value pairs should be separated by spaces.

You can set the following HTTP properties:

enabled: Specifies whether SSL support is enabled for the listener.
Values: true, false. Default: true.

strict-sni-vs-host-match: When the value is false, the default certificate is sent to clients that do not support the SNI (Server Name Indication) extension.
Values: true, false. Default: false.

tls-session-tickets-enabled: Specifies whether the TLS Session Ticket extension is enabled.
Values: true, false. Default: true.

server-cert-nickname: Specifies the nickname of the certificate that the server presents to the clients.
Values: zero or one for RSA and zero or one for ECC.

Note:

The property server-cert-nickname enables you to specify multiple values, with each value enclosed in quotes and separated by commas.

ssl3: Specifies whether SSL3 connections are accepted.
Values: true, false. Default: true.

tls: Specifies whether TLS connections are accepted.
Values: true, false. Default: true.

client-auth: Specifies the method of client certificate authentication.
Values: required, optional, or false. When you choose the required option, the server requests a certificate from the client; if the client does not provide a certificate, the connection is closed. When you choose the optional option, the server requests a certificate from the client, but does not require it. The connection is established even if the client does not provide a certificate. Default: false. Client authentication is disabled by default.

client-auth-timeout: Indicates the duration (in seconds) after which a client authentication handshake fails.
Values: 0.001 to 3600.

max-client-auth-data: Specifies the number of characters of authentication data that the server can buffer.
Values: 0 to 2147483647.

To reset a property to its default value, do not provide a property value.
For example, property-name=<empty_string>

Example

tadm set-ssl-prop --user=admin --host=admin.example.com \
--password-file=./admin.passwd --port=8989 \
--no-prompt --config=www.example.org --http-listener=config1_ls \
max-client-auth-data=18976 client-auth-timeout=200

Exit Codes

The following exit values are returned:

0: command executed successfully

>0: error in executing the command

For more information about exit codes and syntax notations, run the help command.

See Also

help, get-ssl-prop