Manualshelf

HP XP P9000 Command View Advanced Edition Suite Software 7.6.1-00 Administrator Guide

ManualsBrandsHP ManualsSoftwareHP Command View XP AE Media Kit
181182183184185186187188189190
2. Specify the path to the private key and the path to the server certificate for each directive in the
httpsd.conf file, and remove the hash mark (#) at the beginning of the lines.
In Windows:
installation-folder-for-Common-Component\httpsd\conf\httpsd.conf
In Linux:
installation-directory-for-Common-Component/httpsd/conf/httpsd.conf
ServerName host-name
:
Listen 23015
#Listen [::]:23015
SSLDisable
SSLSessionCacheSize 0
Listen 23016
#Listen [::]:23016
<VirtualHost *:port-number>
ServerName host-name
SSLEnable
SSLProtocol SSLv3 TLSv1
SSLRequiredCiphers AES256-SHA:AES128-SHA:DES-CBC3-SHA
SSLRequireSSL
SSLCertificateFile server-certificate-for-Common-Component
SSLCertificateKeyFile private-key-for-Common-Component
# SSLCACertificateFile server-certificate-of-certificte-authority
SSLSessionCacheTimeout 3600
</VirtualHost>
For the ServerName directives in the following locations, specify the host name (for cluster
environments, specify the logical host name) that you specified for Common Name in the
certificate signing request. Note that host names are case sensitive.
- ServerName at the beginning of the httpsd.conf file
- ServerName enclosed by <VirtualHost> and </VirtualHost>
Even if SSL is enabled, do not delete or comment out the line Listen 23015 (default).
Note that if you want to interrupt non-SSL communication from outside the network to the
management server, open the httpsd.conf file and change the Listen 23015 to Listen
127.0.0.1:23015.
If you want to close the port for non-SSL communication that is used for communication in the
management server, set the port for non-SSL communication of HBase Storage Mgmt Web
Service to closed.
If you are using an IPv6 environment, remove the hash mark (#) at the beginning of the lines
#Listen [::]:23015 and #Listen [::]:23016.
For <VirtualHost>, usually specify an asterisk (*), although you can also specify a host
name.
For operation in advanced security mode, add the SSLProtocol and SSLRequired-
Ciphers directives to limit the cipher strength.
For the SSLCertificateFile directive, specify the absolute path to the signed server
certificate sent back from the certificate authority or the absolute path to the self-signed certi-
ficate file.
Security186