Macromedia breeze 5 Betriebsanweisung
Configuring FCS for SSL
79
Locating the required SSL tags in the Server.xml file
The SSL-enabling tags in the Server.xml file occur in the following sequence:
•
SSLEngine
•
SSLRandomSeed
•
SSLSessionCacheGC
•
SSLVerifyCertificate
•
SSLCACertificatePath
•
SSLCACertificateFile
•
SSLVerifyDepth
•
SSLCipherSuite
Defining the SSL tags in FCS
The following table lists the tags in the Adaptor.xml and Server.xml files that configure FCS for
SSL.
SSL.
FCS File
XML Tag
Default Description
Adaptor.xml Redirect
[none]
Specifies whether unknown requests are
redirected to an external server such as Breeze.
When FCS receives an unknown request, the
request is redirected to the specified redirect
host. For redirection to work, HTTP tunneling
must be enabled.
You can control which port on the redirect host
will listen for redirected traffic:
Request redirection to a specific host can be
<Redirect enable=false>
redirected to an external server such as Breeze.
When FCS receives an unknown request, the
request is redirected to the specified redirect
host. For redirection to work, HTTP tunneling
must be enabled.
You can control which port on the redirect host
will listen for redirected traffic:
Request redirection to a specific host can be
<Redirect enable=false>
<Host port="80">:8080</Host>
<Host port="443">:8443</Host>
</Redirect>
Adaptor.xml SSLCertificateFile
[none]
Specifies the location of the certificate file to send
to the client. If an absolute path is not specified,
the certificate is assumed to be located relative to
the Adaptor directory.
to the client. If an absolute path is not specified,
the certificate is assumed to be located relative to
the Adaptor directory.
Adaptor.xml SSLCertificateKeyFile
type = PEM
PEM
Specifies the location of the private key file for the
certificate. If an absolute path is not specified, the
key file is assumed to be located relative to the
Adaptor directory. If the key file is encrypted, the
pass phrase must be specified in the
SSLPassPhrase
certificate. If an absolute path is not specified, the
key file is assumed to be located relative to the
Adaptor directory. If the key file is encrypted, the
pass phrase must be specified in the
SSLPassPhrase
tag.
The type attribute specifies the type of encoding
used for the certificate key file. This can be either
PEM
used for the certificate key file. This can be either
PEM
or ASN1.