Create/Edit HTTP Listener

Use this page to edit settings for the application server instance's HTTP listener. The HTTP listener controls connections between the server and clients. You also enable security for connections on the HTTP listener.

In the SSL/TLS Settings section on this page, you can set security for the HTTP listener. Check the appropriate boxes associated with the Secure Sockets Layer (SSL) and Transport Layer Security (TLS), including all the ciphers. You can select either SSL2 or SSL3/TLS sockets.

The following table describes the fields and buttons on the page. The left column lists the fields and buttons; the right column describes the functionality.

Field or Button
Description

Name

The name of the HTTP listener.

IP Address

The IP address of the HTTP listener. Can be in dotted-pair or IPv6 notation. Can also be 0.0.0.0, any, or ANY or INADDR_ANY (all IP addresses). Configuring an SSL HTTP listener to listen on 0.0.0.0 is required if more than one virtual server is configured to it.

Port

The port number to create the HTTP listener on. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL HTTP listener to listen on port 443 is recommended.

Return Server Name

Tells the server what to put in the host name section of any URLs it sends to the client. This affects URLs the server automatically generates; it doesn't affect the URLs for directories and files stored in the server. This name should be the alias name if your server uses an alias.

If you append a colon and port number, that port will be used in URLs the server sends to the client.

Default Virtual Server

The default virtual server for the HTTP listener. The list contains all available virtual servers in the server instance.

Listener Enabled

Indicates whether or not the listener is enabled and ready to accept connections.

SSL/TLS Enabled

Determines whether security is enabled.

Certificate Nickname

Determines the name of an installed certificate to use for this listener. You must have previously installed a certificate to see its nickname in this list.

SSL2 Enabled

Determines whether SSL2 is enabled.

SSL2 Ciphers

Determines which SSL2 cipher suites are selected (provided SSL2 is selected).

tip Unless you have a compelling reason for not using a specific cipher suite, you should allow them all.

SSL3 Enabled

Determines whether SSL3 is enabled.

TLS Enabled

Determines whether TLS is enabled.

  • TLS must also be enabled on the browser seeking access to your server.

  • Check both TLS and SSL3 for Netscape Navigator 6.0.

TLS Rollback Enabled

Determines whether TLS rollback is enabled.

  • TLS must be enabled.

  • SSL3 and SSL2 must be disabled.

  • Use the TLS Rollback option for Microsoft Internet Explorer 5.0 and 5.5.

SSL3/TLS Ciphers

Determines whether SSL3/TLS ciphers is enabled.

tip Unless you have a compelling reason for not using a specific cipher suite, you should allow them all.

Client Authentication Enabled

Determines whether client authentication is required on this listener. Client authentication is the process of authenticating client certificates by cryptographically verifying the certificate signature and the certificate chain leading to the CA on the trust CA list.

Family

The socket family type. Legal values are inet, inet6, and nca. Use the value inet6 for IPv6 listeners. If this value is inet6, IPv4 addresses are prefixed with ::ffff: in the server log. Specify nca to make use of the Solaris Network Cache and Accelerator.

Blocking Enabled

Determines whether the listener and the accepted socket are put in to blocking mode. Use of blocking mode may improve benchmark scores.

Acceptor Threads

Number of acceptor threads for the listener. The recommended value is the number of processors in the machine. Legal values are 1 - 1024.

Save

Saves your changes.

Reset

Resets the values on the page to the default values.


Legal Notices
Copyright © 2004 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.