iTP Secure WebServer System Administrator's Guide (Version 7.0)

ManualsBrandsHP ManualsServerHP NonStop G-Series

311

312

313

314

315

316

317

318

319

320

Configuration Directives

iTP Secure WebServer System Administrator’s Guide—523346-012

A-8

Description

For integrity checking, you can use either the MD5 or SHA cipher.

-name server-name

Use the -name argument to specify the name used to refer to the server. The iTP

Secure WebServer uses this name whenever it needs to generate a URL that

refers to itself, such as with anchor specifications in HTML files.

The name you specify must be a valid name or alias registered with the Domain

Name Server (DNS). For more information about setting up an alias, consult your

system documentation or network administrator. If no -name option is specified,

the iTP Secure WebServer uses the server address (server-addr) if -address is

specified. Otherwise, the iTP Secure WebServer uses the host name of the

machine on which it is running.

-port port-num

Use the -port argument to configure the server to check for connections on a

specified port (port-num).

The standard port number for SSL and PCT connections is 443. If you choose

another port, check the $SYSTEM.ZTCPIP.SERVICES file to check that this port is

not already allocated to another service.

If you choose any port number less than 1024, you need to be root (superuser) to

start the iTP Secure WebServer. The default port number 443 is used if no -port

argument is specified.

Table A-3 on page A-9 describes the actions that the iTP Secure WebServer takes

based on the type of SSL client-hello response message that can be received

along with the configuration options set. For additional information about the

HTTPS_PROTOCOL_VERSION CGI environment variable setting listed in this table,

see Table 8-1 on page 8-11.

-webSafe [pathmon_name:] serverclass_name

Use the -websafe argument to enable a virtual host to use the WebSafe2 unit,

even if other virtual hosts do not use it, or to enable different virtual hosts to use

EXP-RC4-MD5 Yes Yes Yes Yes

EXP-RC4-SHA1 Yes No No Yes

EXP-RC2-CBC-MD5 Yes Yes Yes Yes

EXP-RC2-CBC-SHA1 Yes No No Yes

* Support provided if you are using a WebSafe2 unit with firmware 2611 or later.

Note. This option is supported only on systems running G-series RVUs.

Table A-2. Cipher Pairs Supported (by Protocol) (page2of2)

Cipher

Allowed

Global SSL 2.0 SSL 3.0 PCT