CORBA 2.6.1 Administration Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series

database records. If you use the same program profile for different server programs, incorrect server behavior is likely.

When an object in a server program creates an object reference, the ORB component uses information from a number of sources. The transport

protocols specified in the program profile determine the protocols that appear in the generated object references. The portable object adapter

(POA) policies in effect when an object reference is created also influence the contents of the object reference. The effects of the POA policies

depend on the particular transport protocol. Details about these relationships are explained in:

Pathsend Protocol

File System Protocol

IIOP/SSL Protocol

IIOP Protocol

The following table shows the server protocol keys and values that can appear in a NonStop CORBA program profile.

Server Protocol Keys and Values

Key Possible

Values

Default

Value

Operational Characteristics

tsmp_server

true or false

false

Pathsend protocol: Uses the TS/MP context-sensitive protocol.

fs_server

true or false

false

File system protocol: Uses the NonStop File System operations (for example,

FILE_OPEN_, WRITEREADX, FILE_CLOSE_).

tcp_server

true or false

false

IIOP protocol: Uses socket operations on the target object's host name and port

number.

ssl_only

true or false

false

IIOP without SSL disabled.

ssl_port

Integer None Identifies the server’s listening port and enables the IIOP/SSL protocol for the

server side.

ssl_verify_peer

true or false

false

Requests and authenticates the client’s certificate. Establishes trust in client.

ssl_verify_context

subject

cert

certchain

None

Subject is the Subject's DN in the certificate.

Peer certificate is inserted into the SSLIOP service context.

Peer certificate chain is inserted into the SSLIOP service context.

Protocols Common to both Clients and Servers

The following keys and values can be used for either C++ clients or servers.

Key Value Default Operational Characteristics

CA_file

OSS

path/filename

None The name of a file containing trusted CA certificates in

PEM format. More than one certificate may be present in

the file. Note that to protect against unauthorized writes,

CA_file should be secured with the proper permissions.

CA_path

OSS path None The name of a directory containing trusted CA

certificates in PEM format. Each file in the directory must

contain only one CA certificate, and the files must be

named by the subject name's hash and an extension of

“.0” Note that to protect against unauthorized writes,

CA_path should be secured with the proper permissions.

keystore

OSS

pathfile/filename

SSLIOP_DEFAULT followed by the JSSE

default KeyManager and its default

keystore defined by the

javax.net.ssl.keyStore property.

The keystore file.

keystore_pswd

OSS

pathfile/filename

If keystore defaults to

SSLIOP_DEFAULT/keystore, then the

default

SSLIOP_DEFAULT/keystore_pswd. If

keystore defaults to the

javax.net.ssl.keyStore property, then

the default is

javax.net.ssl.keyStore

property.

An OSS file containing the

keystore file password. If the

keystorePassword property is used, it identifies the

password.

ssl_version

TLSv1 or SSLv3

SSLv3

The specific SSL protocol version to use. TLSv1 or SSLv3