Manualshelf

HP Cache Server Appliance Administrator Guide

ManualsBrandsHP ManualsServerHP Web Cache Server Appliance sa2100
919293949596979899100
87
Chapter 11 Security Options
6. Run the command traffic_line -x to apply the configuration changes.
Using SSL for secure administration
Traffic Server supports the Secure Sockets Layer protocol (SSL) to provide protection for remote
administrative monitoring and configuration using Traffic Manager. SSL security provides authentication of
both ends of a network connection using certificates and provides privacy using encryption.
To use SSL, you must:
Obtain an SSL certificate
Enable Traffic Manager SSL option
Access Traffic Manager using the
https command
Obtaining an SSL Certificate
You can obtain an SSL certificate from a recognized certificate authority (for example VeriSign).
Install the certificate in Traffic Server’s
config directory, and then either rename the certificate to the
default filename
private_key.pem or change the value of the
proxy.config.admin.ssl_cert_file variable in the records.config file to specify the file name
of the certificate.
Enabling SSL
After you have obtained an SSL certificate, you can enable SSL by using Traffic Manager or by editing a
configuration file manually. Both procedures are provided below.
To enable SSL from Traffic Manager:
1. Access Traffic Manager from your browser (refer to Accessing Traffic Manager‚ on page 8).
2. On the Configure tab, click the Security button.
The Security page opens displaying the Control Access to the Traffic Server Manager section at the top
of the page.
3. Click the SSL: On button to enable SSL.
4. Click the Make These Changes button.
To enable SSL manually:
1. Telnet into the HP web cache appliance and select Shell Access as described in Overview of Access
Methods‚ on page 7.
2. Open the
records.config file located in Traffic Server’s config directory with Vi.
3. Edit the following variable:
4. Save and close the records.config file.
5. Run the command
traffic_line -x to apply the configuration changes.
NOTE The SSL button displays only if you have obtained an SSL certificate and have
copied it to Traffic Server’s
config directory.
Variable Description
proxy.config.admin.use_ssl
Setthisvariableto1toenableSSL.