HP NonStop SSL Reference Manual Contents • v
SRCIPADDR, SRCIPPORT ..................................................................................... 74
SUBNET ................................................................................................................... 75
SSLCOMSECURITY ................................................................................................ 75
TARGETINTERFACE ............................................................................................. 76
TARGETHOST ......................................................................................................... 76
TARGETHOSTFORCE ............................................................................................ 77
TARGETPORT ......................................................................................................... 77
TARGETPORTFORCE ............................................................................................ 78
TARGETSUBNET .................................................................................................... 78
TCPIPHOSTFILE ..................................................................................................... 79
TCPIPNODEFILE ..................................................................................................... 79
TCPIPRESOLVERNAME ........................................................................................ 79
TCPNODELAY ........................................................................................................ 80
TRUST ...................................................................................................................... 80
Advanced Configuration Topics .............................................................................................. 82
Multiple SSL Tunnels in a Single Process ................................................................ 82
Fault-tolerant Configuration ...................................................................................... 82
Load Balancing and Fault-Tolerance of EXPAND over SSL ................................... 82
Monitoring 85
Overview ................................................................................................................................. 85
Log and Audit Level Recommendations ................................................................................. 86
Customizing the Log and Audit Format .................................................................................. 86
Using SHOWLOG to View a Log File .................................................................................... 86
Viewing File Contents from OSS ............................................................................................ 89
Logfile/Auditfile Rollover ....................................................................................................... 89
SSLCOM Command Interface 91
Usage of SSLCOM: a Sample Session .................................................................................... 92
Supported Commands .............................................................................................................. 93
The CONNECTION Commands ............................................................................................. 94
CONNECTIONS ....................................................................................................... 94
CONNECTIONS, DETAIL ...................................................................................... 95
INFO CONNECTION ............................................................................................... 96
RENEGOTIATE CONNECTION ............................................................................ 96
SSLINFO Command ............................................................................................................... 97
RELOAD CERTIFICATES Command ................................................................................... 97
SSL Reference 99
Secure Sockets Layer ............................................................................................................... 99
SSL Features .............................................................................................................. 99
Further References ..................................................... 99
Implementation Overview ..................................................................................................... 100
Cipher Suites ........................................................................................................... 100
Auditing ................................................................................................................... 100
X.509 Certificates .................................................................................................... 100
Configuring SSL for Production as SSL Server .................................................................... 101
Using Your Own Server Key and Certificate Files ................................................. 101
The Public/Private Key Pair .................................................................................... 102
The Certificate Signing Request .............................................................................. 102
Obtaining a Certificate from a Third Party CA ....................................................... 102
Acting As Your Own CA ........................................................................................ 102
Example: How to Generate SSL Certificates Using OpenSSL ................................ 103
Requesting the SSL Client to Present a Client Certificate ....................................... 107