View/Edit HTTP Listener (Admin Server)

Use this page to view/edit settings for the Administration Server's HTTP listener. The HTTP listener controls connections between the Administration Server and administration clients using the Administration interface or the command-line interface. You also enable security for connections on the HTTP listener using Secure Sockets Layer (SSL) and Transport Layer Security (TLS).

The HTTP listener settings for the Administration Server are the same as those for a regular server. However, only a restricted set of users access the Administration Server, so you should configure the settings to be as secure as possible.

The following settings are recommended:

The following table describes the fields and buttons on the page. The left column lists the fields and buttons; the right column describes the functionality.

Field or Button
Description

Id

The name of the HTTP listener.

IP Address

The IP address of the HTTP listener. Can be in dotted-pair or IPv6 notation. Can also be 0.0.0.0, any, or ANY or INADDR_ANY (all IP addresses).

Port

The port number to create the HTTP listener on. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges.

Return Server Name

Tells the server what to put in the host name section of any URLs it sends to the client. This affects URLs the server automatically generates; it doesn't affect the URLs for directories and files stored in the server. This name should be the alias name if your server uses an alias.

If you append a colon and port number, that port will be used in URLs the server sends to the client.

Default Virtual Server

The default virtual server for the HTTP listener. The list contains all available virtual servers in the Administration Server.

Listener Enabled

Indicates whether or not the listener is enabled and ready to accept connections.

SSL/TLS Enabled

Determines whether security is enabled.

Certificate Nickname

Determines the name of an installed certificate to use for this listener. You must have previously installed a certificate to see its nickname in this list.

SSL2 Enabled

Determines whether SSL2 is enabled. For administrative purposes, deselecting SSL2 and using TLS only is recommended.

SSL2 Ciphers

Determines which SSL2 cipher suites are selected (provided SSL2 is selected).

SSL3 Enabled

Determines whether SSL3 is enabled. For administrative purposes, deselecting SSL3 and using TLS only is recommended.

If your browser does not support TLS, then select SSL3.

TLS Enabled

Determines whether TLS is enabled.

  • TLS must also be enabled on the browser seeking access to your server.

  • Check both TLS and SSL3 for Netscape Navigator 6.0.

TLS Rollback Enabled

Determines whether TLS rollback is enabled.

  • TLS must be enabled.

  • SSL3 and SSL2 must be disabled.

  • Use the TLS Rollback option for Microsoft Internet Explorer 5.0 and 5.5.

SSL3/TLS Ciphers

Determines whether SSL3/TLS ciphers is enabled. For administrative purposes, limiting access to the 128 bit cipher suites is recommended.

Client Authentication Enabled

Determines whether client authentication is required on this listener. Client authentication is the process of authenticating client certificates by cryptographically verifying the certificate signature and the certificate chain leading to the CA on the trust CA list.

Before enabling this option, be sure to install certificates allowing yourself access.

Family

The socket family type. Legal values are inet, inet6, and nca. Use the value inet6 for IPv6 listeners. If this value is inet6, IPv4 addresses are prefixed with ::ffff: in the server log. Specify nca to make use of the Solaris Network Cache and Accelerator.

Blocking Enabled

Determines whether the listener and the accepted socket are put in to blocking mode. For the Administration Server, you should not enable blocking.

Acceptor Threads

Number of acceptor threads for the listener. For the Administration Server, you should not change the default value of 1.

Save

Saves your changes.

Reset

Resets the values on the page to the default values.


Legal Notices
Copyright © 2004 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.