appserver/admingui/corba/src/main/help/en/help/task-editiiopssl.html - glassfish - Git at Google

 <!--

     Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.

     This program and the accompanying materials are made available under the
     terms of the Eclipse Public License v. 2.0, which is available at
     http://www.eclipse.org/legal/epl-2.0.

     This Source Code may also be made available under the following Secondary
     Licenses when the conditions for such availability set forth in the
     Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
     version 2 with the GNU Classpath Exception, which is available at
     https://www.gnu.org/software/classpath/license.html.

     SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0

 -->

 <p><a id="task-editiiopssl" name="task-editiiopssl"></a><a id="GHCOR00009" name="GHCOR00009"></a></p>

 <h4><a id="sthref9" name="sthref9"></a><a id="sthref10" name="sthref10"></a>To Edit SSL Settings for a Secure IIOP Listener</h4>
 <a name="BEGIN" id="BEGIN"></a>
 <ol>
 <li>
 <p>In the tree component, expand the Configuration node.</p>
 </li>
 <li>
 <p>Under the Configuration node, expand the ORB node.</p>
 </li>
 <li>
 <p>Select the IIOP Listeners node.</p>
 <p>The IIOP Listeners page opens.</p>
 </li>
 <li>
 <p>In the table, click the name of the listener to be edited.</p>
 <p>The Edit IIOP Listener page opens.</p>
 </li>
 <li>
 <p>If the Security Enabled checkbox is selected, click the SSL tabbed pane to modify the Secure Socket Layer settings of this IIOP listener.</p>
 <p>The SSL page opens.</p>
 </li>
 <li>
 <p>On the SSL page, select the SSL3 Enabled checkbox to enable SSL3.</p>
 <p>This option is enabled by default.</p>
 </li>
 <li>
 <p>Select the TLS Enabled checkbox to enable Transport Layer Security (TLS).</p>
 <p>This option is enabled by default.</p>
 </li>
 <li>
 <p>Select the Client Authentication Enabled checkbox to require clients to identify themselves to the server on every request.</p>
 <p>This option is disabled by default.</p>
 </li>
 <li>
 <p>In the Certificate Nickname field, type the nickname of the server certificate in the certificate database or the PKCS#11 token.</p>
 <p>In the certificate, the name format is <i>tokenname</i><code>:</code><i>nickname</i>. Including the <i>tokenname</i><code>:</code> part of the name in this attribute is optional.</p>
 </li>
 <li>
 <p>In the Key Store field, type the name of the keystore file (for example, <code>keystore.jks</code>).</p>
 </li>
 <li>
 <p>In the Trust Algorithm field, type the name of the trust management algorithm (for example, PKIX) to use for certification path validation.</p>
 </li>
 <li>
 <p>In the Max Certificate Length field, type the maximum number of non-self-issued intermediate certificates that can exist in a certification path.</p>
 <p>This field is used only if the Trust Algorithm field is set to PKIX. A value of 0 implies that the path can only contain a single certificate. A value of -1 implies that the path length is unconstrained (there is no maximum). Setting a value less than -1 causes an exception to be thrown.</p>
 </li>
 <li>
 <p>In the Trust Store field, type the name of the truststore file (for example, <code>cacerts.jks</code>).</p>
 </li>
 <li>
 <p>In the Cipher Suites area, specify the cipher suites to be used.</p>
 <p>If you do not add any cipher suites, all cipher suites will be used.</p>
 </li>
 <li>
 <p>Click OK.</p>
 </li>
 </ol>
 <a id="sthref11" name="sthref11"></a>
 <h5>See Also</h5>
 <ul>
 <li>
 <p><a href="task-orb.html">To Configure the ORB</a></p>
 </li>
 <li>
 <p><a href="task-iioplistenernew.html">To Create an IIOP Listener</a></p>
 </li>
 <li>
 <p><a href="task-iioplisteneredit.html">To Edit an IIOP Listener</a></p>
 </li>
 <li>
 <p><a href="task-iioplistenerdelete.html">To Delete an IIOP Listener</a></p>
 </li>
 </ul>


 <small>Copyright &#169; 2005, 2017, Oracle and/or its affiliates. All rights reserved. <a href="docinfo.html">Legal Notices</a></small>
	<!--

	Copyright (c) 2005, 2018 Oracle and/or its affiliates. All rights reserved.

	This program and the accompanying materials are made available under the
	terms of the Eclipse Public License v. 2.0, which is available at
	http://www.eclipse.org/legal/epl-2.0.

	This Source Code may also be made available under the following Secondary
	Licenses when the conditions for such availability set forth in the
	Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
	version 2 with the GNU Classpath Exception, which is available at
	https://www.gnu.org/software/classpath/license.html.

	SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0

	-->

	<p><a id="task-editiiopssl" name="task-editiiopssl"></a><a id="GHCOR00009" name="GHCOR00009"></a></p>

	<h4><a id="sthref9" name="sthref9"></a><a id="sthref10" name="sthref10"></a>To Edit SSL Settings for a Secure IIOP Listener</h4>
	<a name="BEGIN" id="BEGIN"></a>
	<ol>
	<li>
	<p>In the tree component, expand the Configuration node.</p>
	</li>
	<li>
	<p>Under the Configuration node, expand the ORB node.</p>
	</li>
	<li>
	<p>Select the IIOP Listeners node.</p>
	<p>The IIOP Listeners page opens.</p>
	</li>
	<li>
	<p>In the table, click the name of the listener to be edited.</p>
	<p>The Edit IIOP Listener page opens.</p>
	</li>
	<li>
	<p>If the Security Enabled checkbox is selected, click the SSL tabbed pane to modify the Secure Socket Layer settings of this IIOP listener.</p>
	<p>The SSL page opens.</p>
	</li>
	<li>
	<p>On the SSL page, select the SSL3 Enabled checkbox to enable SSL3.</p>
	<p>This option is enabled by default.</p>
	</li>
	<li>
	<p>Select the TLS Enabled checkbox to enable Transport Layer Security (TLS).</p>
	<p>This option is enabled by default.</p>
	</li>
	<li>
	<p>Select the Client Authentication Enabled checkbox to require clients to identify themselves to the server on every request.</p>
	<p>This option is disabled by default.</p>
	</li>
	<li>
	<p>In the Certificate Nickname field, type the nickname of the server certificate in the certificate database or the PKCS#11 token.</p>
	<p>In the certificate, the name format is <i>tokenname</i><code>:</code><i>nickname</i>. Including the <i>tokenname</i><code>:</code> part of the name in this attribute is optional.</p>
	</li>
	<li>
	<p>In the Key Store field, type the name of the keystore file (for example, <code>keystore.jks</code>).</p>
	</li>
	<li>
	<p>In the Trust Algorithm field, type the name of the trust management algorithm (for example, PKIX) to use for certification path validation.</p>
	</li>
	<li>
	<p>In the Max Certificate Length field, type the maximum number of non-self-issued intermediate certificates that can exist in a certification path.</p>
	<p>This field is used only if the Trust Algorithm field is set to PKIX. A value of 0 implies that the path can only contain a single certificate. A value of -1 implies that the path length is unconstrained (there is no maximum). Setting a value less than -1 causes an exception to be thrown.</p>
	</li>
	<li>
	<p>In the Trust Store field, type the name of the truststore file (for example, <code>cacerts.jks</code>).</p>
	</li>
	<li>
	<p>In the Cipher Suites area, specify the cipher suites to be used.</p>
	<p>If you do not add any cipher suites, all cipher suites will be used.</p>
	</li>
	<li>
	<p>Click OK.</p>
	</li>
	</ol>
	<a id="sthref11" name="sthref11"></a>
	<h5>See Also</h5>
	<ul>
	<li>
	<p><a href="task-orb.html">To Configure the ORB</a></p>
	</li>
	<li>
	<p><a href="task-iioplistenernew.html">To Create an IIOP Listener</a></p>
	</li>
	<li>
	<p><a href="task-iioplisteneredit.html">To Edit an IIOP Listener</a></p>
	</li>
	<li>
	<p><a href="task-iioplistenerdelete.html">To Delete an IIOP Listener</a></p>
	</li>
	</ul>


	<small>Copyright © 2005, 2017, Oracle and/or its affiliates. All rights reserved. <a href="docinfo.html">Legal Notices</a></small>