Use this page to edit settings for the application server instance's HTTP listener. The HTTP listener controls connections between the server and clients. You also enable security for connections on the HTTP listener.
In the SSL/TLS Settings section on this page, you can set security for the HTTP listener. Check the appropriate boxes associated with the Secure Sockets Layer (SSL) and Transport Layer Security (TLS), including all the ciphers. You can select either SSL2 or SSL3/TLS sockets.
The following table describes the fields and buttons on the page. The left column lists the fields and buttons; the right column describes the functionality.
Field or Button
|
Description
|
||
---|---|---|---|
Name |
The name of the HTTP listener. |
||
IP Address |
The IP address of the HTTP listener. Can be in dotted-pair or IPv6 notation. Can also be 0.0.0.0, any, or ANY or INADDR_ANY (all IP addresses). Configuring an SSL HTTP listener to listen on 0.0.0.0 is required if more than one virtual server is configured to it. |
||
Port |
The port number to create the HTTP listener on. Legal values are 1 - 65535. On UNIX, creating sockets that listen on ports 1 - 1024 requires superuser privileges. Configuring an SSL HTTP listener to listen on port 443 is recommended. |
||
Return Server Name |
Tells the server what to put in the host name section of any URLs it sends to the client. This affects URLs the server automatically generates; it doesn't affect the URLs for directories and files stored in the server. This name should be the alias name if your server uses an alias. If you append a colon and port number, that port will be used in URLs the server sends to the client. |
||
Default Virtual Server |
The default virtual server for the HTTP listener. The list contains all available virtual servers in the server instance. |
||
Listener Enabled |
Indicates whether or not the listener is enabled and ready to accept connections. |
||
SSL/TLS Enabled |
Determines whether security is enabled. |
||
Certificate Nickname |
Determines the name of an installed certificate to use for this listener. You must have previously installed a certificate to see its nickname in this list. |
||
SSL2 Enabled |
Determines whether SSL2 is enabled. |
||
SSL2 Ciphers |
Determines which SSL2 cipher suites are selected (provided SSL2 is selected).
|
||
SSL3 Enabled |
Determines whether SSL3 is enabled. |
||
TLS Enabled |
Determines whether TLS is enabled.
|
||
TLS Rollback Enabled |
Determines whether TLS rollback is enabled.
|
||
SSL3/TLS Ciphers |
Determines whether SSL3/TLS ciphers is enabled.
|
||
Client Authentication Enabled |
Determines whether client authentication is required on this listener. Client authentication is the process of authenticating client certificates by cryptographically verifying the certificate signature and the certificate chain leading to the CA on the trust CA list. |
||
Family |
The socket family type. Legal values are inet, inet6, and nca. Use the value inet6 for IPv6 listeners. If this value is inet6, IPv4 addresses are prefixed with ::ffff: in the server log. Specify nca to make use of the Solaris Network Cache and Accelerator. |
||
Blocking Enabled |
Determines whether the listener and the accepted socket are put in to blocking mode. Use of blocking mode may improve benchmark scores. |
||
Acceptor Threads |
Number of acceptor threads for the listener. The recommended value is the number of processors in the machine. Legal values are 1 - 1024. |
||
Save |
Saves your changes. |
||
Reset |
Resets the values on the page to the default values. |