appserver/admingui/common/src/main/help/en/help/task-jmxconnectorssledit.html - glassfish - Git at Google

 <!--

     Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.

     This program and the accompanying materials are made available under the
     terms of the Eclipse Public License v. 2.0, which is available at
     http://www.eclipse.org/legal/epl-2.0.

     This Source Code may also be made available under the following Secondary
     Licenses when the conditions for such availability set forth in the
     Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
     version 2 with the GNU Classpath Exception, which is available at
     https://www.gnu.org/software/classpath/license.html.

     SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0

 -->

 <p><a id="task-jmxconnectorssledit" name="task-jmxconnectorssledit"></a><a id="GHCOM00212" name="GHCOM00212"></a></p>

 <h4><a id="sthref110" name="sthref110"></a><a id="sthref111" name="sthref111"></a><a id="sthref112" name="sthref112"></a>To Edit SSL Settings for the JMX Connector</h4>
 <a name="BEGIN" id="BEGIN"></a><a id="GHCOM321" name="GHCOM321"></a>
 <h5>Before You Begin</h5>
 <p>This task is meaningful only if security is enabled for the JMX connector.</p>
 <ol>
 <li>
 <p>In the navigation tree, expand the Configuration node.</p>
 </li>
 <li>
 <p>Under the Configuration node, select the Admin Service node.</p>
 <p>The Edit JMX Connector page opens.</p>
 </li>
 <li>
 <p>Select the Security Enabled checkbox to cause JMX communication to be encrypted.</p>
 <p>This option is disabled by default.</p>
 </li>
 <li>
 <p>Click the SSL tab.</p>
 <p>The SSL page opens.</p>
 </li>
 <li>
 <p>On the SSL page, select the SSL3 Enabled checkbox to enable SSL3.</p>
 <p>This option is enabled by default.</p>
 </li>
 <li>
 <p>Select the TLS Enabled checkbox to enable Transport Layer Security (TLS).</p>
 <p>This option is enabled by default.</p>
 </li>
 <li>
 <p>Select the Client Authentication Enabled checkbox to require clients to identify themselves to the server on every request.</p>
 <p>This option is disabled by default.</p>
 </li>
 <li>
 <p>In the Certificate Nickname field, type the nickname of the server certificate in the certificate database or the PKCS#11 token.</p>
 <p>In the certificate, the name format is <i>tokenname</i><code>:</code><i>nickname</i>. Including the <i>tokenname</i><code>:</code> part of the name in this attribute is optional.</p>
 </li>
 <li>
 <p>In the Key Store field, type the name of the keystore file (for example, <code>keystore.jks</code>).</p>
 </li>
 <li>
 <p>In the Trust Algorithm field, type the name of the trust management algorithm (for example, PKIX) to use for certification path validation.</p>
 </li>
 <li>
 <p>In the Max Certificate Length field, type the maximum number of non-self-issued intermediate certificates that can exist in a certification path.</p>
 <p>This field is used only if the Trust Algorithm field is set to PKIX. A value of 0 implies that the path can only contain a single certificate. A value of -1 implies that the path length is unconstrained (there is no maximum). Setting a value less than -1 causes an exception to be thrown.</p>
 </li>
 <li>
 <p>In the Trust Store field, type the name of the truststore file (for example, <code>cacerts.jks</code>).</p>
 </li>
 <li>
 <p>In the Cipher Suites area, specify the cipher suites to be used.</p>
 <p>If you do not add any cipher suites, all cipher suites will be used.</p>
 </li>
 <li>
 <p>Click OK.</p>
 </li>
 </ol>
 <a id="GHCOM322" name="GHCOM322"></a>
 <h5>See Also</h5>
 <p><a href="task-jmxconnectoredit.html">To Edit the JMX Connector</a></p>


 <small>Copyright &#169; 2005, 2017, Oracle and/or its affiliates. All rights reserved. <a href="docinfo.html">Legal Notices</a></small>
	<!--

	Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.

	This program and the accompanying materials are made available under the
	terms of the Eclipse Public License v. 2.0, which is available at
	http://www.eclipse.org/legal/epl-2.0.

	This Source Code may also be made available under the following Secondary
	Licenses when the conditions for such availability set forth in the
	Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
	version 2 with the GNU Classpath Exception, which is available at
	https://www.gnu.org/software/classpath/license.html.

	SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0

	-->

	<p><a id="task-jmxconnectorssledit" name="task-jmxconnectorssledit"></a><a id="GHCOM00212" name="GHCOM00212"></a></p>

	<h4><a id="sthref110" name="sthref110"></a><a id="sthref111" name="sthref111"></a><a id="sthref112" name="sthref112"></a>To Edit SSL Settings for the JMX Connector</h4>
	<a name="BEGIN" id="BEGIN"></a><a id="GHCOM321" name="GHCOM321"></a>
	<h5>Before You Begin</h5>
	<p>This task is meaningful only if security is enabled for the JMX connector.</p>
	<ol>
	<li>
	<p>In the navigation tree, expand the Configuration node.</p>
	</li>
	<li>
	<p>Under the Configuration node, select the Admin Service node.</p>
	<p>The Edit JMX Connector page opens.</p>
	</li>
	<li>
	<p>Select the Security Enabled checkbox to cause JMX communication to be encrypted.</p>
	<p>This option is disabled by default.</p>
	</li>
	<li>
	<p>Click the SSL tab.</p>
	<p>The SSL page opens.</p>
	</li>
	<li>
	<p>On the SSL page, select the SSL3 Enabled checkbox to enable SSL3.</p>
	<p>This option is enabled by default.</p>
	</li>
	<li>
	<p>Select the TLS Enabled checkbox to enable Transport Layer Security (TLS).</p>
	<p>This option is enabled by default.</p>
	</li>
	<li>
	<p>Select the Client Authentication Enabled checkbox to require clients to identify themselves to the server on every request.</p>
	<p>This option is disabled by default.</p>
	</li>
	<li>
	<p>In the Certificate Nickname field, type the nickname of the server certificate in the certificate database or the PKCS#11 token.</p>
	<p>In the certificate, the name format is <i>tokenname</i><code>:</code><i>nickname</i>. Including the <i>tokenname</i><code>:</code> part of the name in this attribute is optional.</p>
	</li>
	<li>
	<p>In the Key Store field, type the name of the keystore file (for example, <code>keystore.jks</code>).</p>
	</li>
	<li>
	<p>In the Trust Algorithm field, type the name of the trust management algorithm (for example, PKIX) to use for certification path validation.</p>
	</li>
	<li>
	<p>In the Max Certificate Length field, type the maximum number of non-self-issued intermediate certificates that can exist in a certification path.</p>
	<p>This field is used only if the Trust Algorithm field is set to PKIX. A value of 0 implies that the path can only contain a single certificate. A value of -1 implies that the path length is unconstrained (there is no maximum). Setting a value less than -1 causes an exception to be thrown.</p>
	</li>
	<li>
	<p>In the Trust Store field, type the name of the truststore file (for example, <code>cacerts.jks</code>).</p>
	</li>
	<li>
	<p>In the Cipher Suites area, specify the cipher suites to be used.</p>
	<p>If you do not add any cipher suites, all cipher suites will be used.</p>
	</li>
	<li>
	<p>Click OK.</p>
	</li>
	</ol>
	<a id="GHCOM322" name="GHCOM322"></a>
	<h5>See Also</h5>
	<p><a href="task-jmxconnectoredit.html">To Edit the JMX Connector</a></p>



	<small>Copyright © 2005, 2017, Oracle and/or its affiliates. All rights reserved. <a href="docinfo.html">Legal Notices</a></small>