iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

311

312

313

314

315

316

317

318

319

320

Configuration Directives

iTP Secure WebServer System Administrator’s Guide—522659-001

A-7

AcceptSecureTransport

For integrity checking, you can use either the MD5 or SHA cipher.

-name server-name

Use the -name argument to specify the name used to refer to the server. The iTP

Secure WebServer uses this name whenever it needs to generate a URL that refers to

itself, such as with anchor specifications in HTML files.

The name you specify must be a valid name or alias registered with the Domain

Name Server (DNS). For more information about setting up an alias, consult your

system documentation or network administrator. If no -name option is specified,

the iTP Secure WebServer uses the server address (server-addr) if -address is

specified. Otherwise, the iTP Secure WebServer uses the host name of the machine

on which it is running.

-port port-num

Use the -port argument to configure the server to check for connections on a

specified port (port-num).

The standard port number for SSL and PCT connections is 443. If you choose

another port, check the $SYSTEM.ZTCPIP.SERVICES file to ensure that this port is

not already allocated to another service.

If you choose any port number less than 1024, you need to be root (superuser) to

start the iTP Secure WebServer. The default port number 443 is used if no -port

argument is specified.

-websafe pathmon:server-class

Use the -websafe argument to enable a virtual host to use the WebSafe2 unit,

even if other virtual hosts do not use it, or to enable different virtual hosts to use

different WID server classes. Use

pathmon:server-class to specify the name of

the PATHMON process and the name of the WID server class that controls the

WebSafe2 unit. If you omit the PATHMON process name, the server class is

presumed to be in the same PATHMON environment as the httpd process.

The

-websafe argument requires the -nopct option, because the WebSafe2 unit

does not currently support the PCT protocol.

EXP-RC2-CBC-MD5 Yes Yes Yes Yes

EXP-RC2-CBC-SHA1 Yes No No Yes

* Support provided if you are using a WebSafe2 unit with firmware 2611 or above.

Table A-2. Cipher Pairs Supported (by Protocol) (page 2 of 2)

Cipher

Allowed

Global SSL 2.0 SSL 3.0 PCT