• Spaces
  • People
  • Help
    • BMC Support Central BMC Community BMC.com
    ×
    BMC TrueSight Infrastructure Management 9.6

    Page tree

    You can enable client authentication by setting the pronet.jserver.ssl.authenclient=true property. When client authentication is enabled, JServer prompts each client requesting a connection to present a certificate of authentication. 

    If Java Administration is launched from Microsoft Windows, you must change pronet.conf on Microsoft Windows as well.

    If the Administration Console is launched on a different computer than the computer where jserver is running, then you have to change etc/pronet.conf on both computers, so they refer to the same certificate.

    JServer properties

    The following properties control the JServer secure settings:

    pronet.jserver.ssl.secure=false
## ssl properties for jserver, valid only when rmi.server.secure is true
pronet.jserver.ssl.algorithm=SunX509
## besides JKS, we also support pkcs12 format keystore for SunX509
pronet.jserver.ssl.keystore.provider=JKS
## jserver certificate keystore file name in /usr/pronto/conf/
pronet.jserver.ssl.keystore.filename=pnserver.ks
## if you change the jserver keystore password, be sure to update the passwdfile
pronet.jserver.ssl.keystore.passwdfile=.ks_pass
## as default, jserver does not ask certificate from java admin
## if changed to true, be sure to set relevant props in pronet.admin section below
pronet.jserver.ssl.authenclient=false
## set ssl debug, could be all, ssl, handshake
#pronet.jserver.ssl.debug=all
## enabled cipher suite, default is all the suites in jsse
#pronet.jserveradmin.ssl.enabledsuites=SSL_RSA_WITH_RC4_128_SHA

    Java admin properties 

    The following properties control the Java Admin secure settings:

    ## we do not do admin authentication, but if jserver.ssl.authenclient 
## is set to true, then following admin ssl properties need to be set correctly
##
## the following two settings are default
pronet.admin.ssl.algorithm=SunX509
pronet.admin.ssl.keystore.provider=JKS
## after obtaining a certificate for Java Admin, save it to this keystore in conf folder
#pronet.admin.ssl.keystore.filename=jadmin.ks
## password is specified by pronet.admin.keystore.passwd in [.ks_pass]
#pronet.admin.ssl.keystore.passwdfile=.ks_pass
## set ssl debug, could be all, ssl, handshake
#pronet.admin.ssl.debug=all
    © Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.