CHAPTER16 Services
Mediant 4000 SBC | User's Manual
Parameter Description
'HTTP Listening Port'
http-port
[HTTPServer_
HTTPListeningPort]
Defines the HTTP listening port, which is the local port for incoming
packets for the HTTP service.
Note:
■ The port number must not conflict with the ports used for the
Web interface, which is usually 80 for HTTP and 443 for HTTPS.
■ You must configure at least one port (HTTP or HTTPS port).
■ The NGINX directive for this parameter is "listen ip:port".
'HTTPS Listening Port'
https-port
[HTTPServer_
HTTPSListeningPort]
Defines the HTTPS listening port, which is the local port for
incoming packets for the HTTP service.
Note:
■ The port number must not conflict with the ports used for the
Web interface, which is usually 80 for HTTP and 443 for HTTPS.
■ You must configure at least one port (HTTP or HTTPS port).
■ The NGINX directive for this parameter is "listen ip:port ssl".
'TLS Context'
tls-context
[HTTPServer_
TLSContext]
Assigns a TLS Context (TLS certificate). This is required if you have
specified an HTTPS listening port (see the 'HTTPS Listening Port'
parameter above). To configure TLS Contexts, see Configuring TLS
Certificate Contexts on page124.
Note: The NGINX directives for this parameter is "tls-context", "ssl_
certificate", "ssl_certificate_key", "ssl_ciphers", "ssl_protocols",
and "ssl_password_file".
Verify Client
Certificate
verify-client-
cert
[HTTPServer_
VerifyCertificate]
Enables the verification of the client TLS certificate, where the client
is the device or user that issues the HTTPS request.
■ [0] No = (Default) No certificate verification is done.
■ [1] Yes = The device verifies the authentication of the certificate
received from the HTTPS client. The device authenticates the
certificate against the trusted root certificate store associated
with the assigned TLS Context (see 'TLS Context' parameter
above) and if ok, allows communication with the HTTPS client. If
authentication fails, the device denies communication (i.e.,
handshake fails). The device can also authenticate the
certificate by querying with an Online Certificate Status Protocol
(OCSP) server whether the certificate has been revoked. This is
also configured for the associated TLS Context.
'Additional Directive
Set'
directive-set
[HTTPServer_
AdditionalDirectiveSet]
Assigns an NGINX Directive Set for the HTTP service. To configure
HTTP Directive Sets, see Configuring HTTP Directive Sets on
page275.
- 265 -
To Next Page
Loading...
