CHAPTER16 Services
Mediant 1000 Gateway & E-SBC | User's Manual
Parameter Description
Verify Client
Certificate
verify-client-
cert
[HTTPServer_
VerifyCertificate]
Enables the verification of the client TLS certificate, where the client
is the device or user that issues the HTTPS request.
■ [0] No = (Default) No certificate verification is done.
■ [1] Yes = The device verifies the authentication of the certificate
received from the HTTPS client. The device authenticates the
certificate against the trusted root certificate store associated
with the assigned TLS Context (see 'TLS Context' parameter
above) and if ok, allows communication with the HTTPS client. If
authentication fails, the device denies communication (i.e.,
handshake fails). The device can also authenticate the
certificate by querying with an Online Certificate Status Protocol
(OCSP) server whether the certificate has been revoked. This is
also configured for the associated TLS Context.
'Additional Directive
Set'
directive-set
[HTTPServer_
AdditionalDirectiveSet]
Assigns an NGINX Directive Set for the HTTP service. To configure
HTTP Directive Sets, see Configuring HTTP Directive Sets on
page272.
'URL Prefix'
url-prefix
[HTTPProxyService_
URLPrefix]
Defines the URL prefix that is used to access the managed
equipment's embedded Web server. The URL prefix is matched
against the target of the HTTP requests sent by the client (such as
GET and POST). If a match is located in the table, the device
removes the prefix from the request and then forwards the HTTP
request to the managed equipment without the prefix. For example,
for the URL of GET /home/index.html HTTP/1.1 (which is part of the
URL http://10.20.30.40/home/index.html), a URL prefix of “/home”
can be configured. To match all URLs, configure the parameter to "/"
(default).
'Keep-Alive Mode'
keep-alive-mode
[HTTPProxyService_
KeepAliveMode]
Enables a keep-alive mechanism with the managed equipment:
■ [0] Disable
■ [1] Options = (Default) Enables keep-alive by sending HTTP
OPTIONS messages. If no response is received from the HTTP
host, the device stops forwarding HTTP requests to the host and
raises an SNMP alarm (acHTTPProxyServiceAlarm). If you
configured the address of the host as an FQDN (see Configuring
HTTP Proxy Hosts) and the DNS resolution results in multiple IP
addresses, when no response is received from the keep-alive,
the device checks connectivity with the next resolved IP
address and so on, until a response is received.
Configuring HTTP Locations
The HTTP Locations table lets you configure up to 40 HTTP Locations. Locations are specified for
each HTTP proxy server to map the incoming requests received by that server. Mapping is based
on matching the URL in the request. Each location specifies the URL prefix or pattern to match and
the target Upstream Group to which the request is to be forwarded to.
- 262 -
To Next Page
Loading...
Need help?
General
