Software AG Products 10.5 | Administering Integration Server | Configuring WebSockets | Configuring a WebSocketSecure Ports
 
Configuring a WebSocketSecure Ports
The WebSocketSecure port enables Integration Server to secure the connections. By default, the WebSocket listener uses the certificates for the default Integration Server SSL key. However, you can configure the listener to use its own private key residing in an Integration Server keystore (file- or SmartCard/HSM-based). For more information, see Configuring Server-Side SSL Settings.
*To add a WebSocketSecure port
1. Open Integration Server Administrator if it is not already open.
2. In the Security menu of the Navigation panel, click Ports.
3. Click Add Port.
4. In the Add Port area of the screen, select webMethods/WebSocketSecure.
5. Click Submit. Integration Server Administrator displays a screen requesting information about the port.
6. Under WebSocket Listener Configuration, enter the following information:
Parameter
Specify
Enable
Indicate whether to enable (Yes) or disable (No) this WebSocketSecure listener.
Port
The number you want to use for the port. Select a number that is not already in use on this host machine.
Important:
If you are running multiple Integration Servers on the same host machine, make sure the port numbers used on each server are unique.
Alias
An alias for the port that is unique for this Integration Server. An alias must be between 1 and 255 characters in length and include one or more of the following: letters (a -z, A-Z), numbers (0-9), underscore (_), period (.), and hyphen (-).
Description
A description of the port.
Package name
Package associated with this port. When you enable the package, the server enables the port. When you disable the package, the server disables the port.
If you replicate this package, Integration Server creates a port with this number and the same settings on the target server. If a port with this number already exists on the target server, its settings remain intact. This feature is useful if you create an application that expects input on a specific port. The application will continue to work after it is replicated to another server.
Bind Address (optional)
IP address to which to bind this port. Specify a bind address if your machine has multiple IP addresses and you want the port to use this specific address. If you do not specify a bind address, the server picks one for you.
Backlog
The number of requests that can remain in the queue for an enabled port before Integration Server begins rejecting requests. The default is 6000. The maximum value is 65535.
Note:
This parameter does not apply to disabled ports. Integration Server refuses requests sent to disabled ports.
7. Under Threadpool Configuration, enter the following information:
Parameter
Specify
Threadpool Min
The minimum number of threads Integration Server maintains in this thread pool. The default is 10.
Threadpool Max
The maximum number of threads Integration Server maintains in this thread pool. The default is 200.
Threadpool Priority
Priority with which the Java treats threads from this thread pool. The larger the number, the higher the priority. The default is 5.
The default is 5.
Important:
Use this setting with extreme care because it will affect server performance and throughput.
8. Under WebSocket Policy, enter the following information:
Parameter
Specify
Idle Timeout(ms)
When to close the WebSocket client connection if the server has not received a request from the client within this timeout value (300000 milliseconds).
9. Under Security Configuration, enter the following information:
Parameter
Specify
Client Authentication
The type of client authentication you want Integration Server to perform for requests that arrive on this WebSocket port. Integration Server uses username/password.
10. Under Listener Specific Credentials, enter the following information:
Note:
Use these settings only if you want to use a different set of credentials from the ones specified on the Certificates Screen.
Parameter
Specify
Keystore Alias
Optional. A user-specified, text identifier for an Integration Server keystore.
The alias points to a repository of private keys and their associated certificates. Although each listener points to one keystore, there can be multiple keys and their certificates in the same keystore, and more than one listener can use the same keystore alias.
For more information, see Creating Keystore Aliases.
Key Alias
Optional. The alias for the private key, which must be stored in the keystore specified by the above keystore alias.
11. Click Save Changes.
12. On the Ports screen, click Edit to change the Access Mode if necessary. You may Set Access Mode to Allow by Default or Reset to default access settings.
Note:
If the port is of a WebSocket or WebSocketSecure, then the WebSocket endpoints will be displayed.
For more information about setting access mode for a port and controlling IP access for a port, see Controlling Access to Resources by Port
13. On the Ports screen, also check the list of ports to ensure that the status in the Enabled column is Yes. If it is not, click No to enable the port.