iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

131

132

133

134

135

136

137

138

139

140

Configuring the iTP Secure WebServer

iTP Secure WebServer System Administrator’s Guide—522659-001

7-8

Configuring Global Session Key Caching

Example 7-2. Sample httpd.stl.config File

#VERSION=3.0

# httpd.stl.config

# Configure the required Secure Transport information

# Disable transmission of SSLv3 close_notify alert messages to

# Microsoft browsers.

Region /* {

if {[info exists HEADER(user-agent)]

&& [string match "*MSIE*" $HEADER(user-agent)]} {

DisableCloseNotify

}

KeyDatabase $root/conf/test_key.db

ServerPassword WebServer

AcceptSecureTransport -transport /G/ZTC0 -port 443 -cert

{CN=Test Key, OU=Testing Only, O=Tandem Computers,Inc.,

ST=California,C=US}

Region /*/ssl-sample-dir {

RequireSecureTransport

}

# Optional Global Session Key Cache server configuration

set GlobalCache OFF

#set CacheSize 1000

#set CacheExpiration 86400

if { [string match "ON" $GlobalCache] } {

SK_GlobalCache $GlobalCache

# SK_GlobalCacheTimeout 50

Server $root/bin/gcache {

eval $DefaultServerAttributes

Maxservers 1

Maxlinks 50

Linkdepth 50

Numstatic 1

# Env TRACEFILE=$root/logs/gctrace.log

Env ERRORFILE=$root/logs/gcerror.log

if {[info exists CacheSize]} {

Env SK_CacheSize=$CacheSize

}

if {[info exists CacheExpiration]} {

Env SK_CacheExpiration=$CacheExpiration

}