For this parameter... | Specify... | ||
Enable | Whether to enable or disable this port. If you choose to disable the port, you can enable it later on the Ports screen. | ||
Protocol | The protocol to use for this port (HTTP or HTTPS). If you select HTTPS, additional security and credential boxes will be displayed at the bottom of the screen. | ||
Port | The number you want to use for the external port. Use a number that is not already in use. This is the port that clients will connect to through your outer firewall. | ||
Alias | An alias for the port. An alias must be between 1 and 255 characters in length and include one or more of the following: letters (a -z, A-Z), numbers (0-9), underscore (_), period (.), and hyphen (-). | ||
Description | A description of the port. | ||
Package Name | The package to associate with this port. You must specify the same package name for both external and registration ports. Typically, you will not need to work with packages on an Enterprise Gateway Server. Therefore, you can leave the default setting. | ||
Bind Address (optional) | The IP address to which to bind this port. Specify a bind address if your machine has multiple IP addresses and you want the port to use this specific address. If you do not specify a bind address, the server picks one for you. | ||
Backlog | The number of requests that can remain in the queue for an enabled port before Enterprise Gateway Server begins rejecting requests. The default is 200. The maximum value is 65535.
| ||
Keep Alive Timeout | How long to wait before closing an idle connection to a client. The default is 20000 ms. | ||
Threadpool | Whether to create a private thread pool for this port or use the common thread pool. To have the server use the common server thread pool for this port, select Disable. To have the server create a private thread pool for this port so that it does not need to compete with other server functions for threads, select Enable. If Threadpool is enabled, specify these additional parameters: Threadpool Min Minimum number of threads Enterprise Gateway Server maintains in this thread pool. When the server starts, the thread pool initially contains this minimum number of threads. The server adds threads to the pool as needed until it reaches the maximum allowed. The default is 1. Threadpool Max Maximum number of threads the server maintains in this thread pool. If this maximum number is reached, the server waits until services complete and return threads to the pool before running more services. The default is 5. Threadpool Priority Priority with which the JVM treats threads from this thread pool. The larger the number, the higher the priority. The default is 5.
When you view details for the port later, the server displays the total number of private threadpool threads currently in use for the port. |
For this parameter... | Specify... |
Enable | Whether to enable or disable this port. If you choose to disable the port, you can enable it later on the Ports screen. |
Protocol | The protocol to use for this port (HTTP or HTTPS). If you select HTTPS, additional security and credential boxes will be displayed at the bottom of the screen. |
Port | The number you want to use for the registration port. Use a number that is not already in use. It is best not to use a standard port such as 80 (the standard port for HTTP) or 443 (the standard port for HTTPS) because the external firewall will allow access to those ports from the outside world. |
Alias | An alias for the port. An alias must be between 1 and 255 characters in length and include one or more of the following: letters (a -z, A-Z), numbers (0-9), underscore (_), period (.), and hyphen (-). |
Description | A description of the port. |
Package Name | The package to associate with this port. You must specify the same package name for both external and registration ports. Typically, you will not need to work with packages on an Enterprise Gateway Server. Therefore, you can leave the default setting. |
Bind Address (optional) | The IP address to which to bind this port. Specify a bind address if your machine has multiple IP addresses and you want the port to use this specific address. If you do not specify a bind address, the server picks one for you. |
Note: | In a default Enterprise Gateway configuration, Enterprise Gateway Server does not perform client authentication. Rather, the server obtains authentication information (user/password or certificates) from the external client and passes this information to the Internal Server for authentication. However, you can have Enterprise Gateway Server perform client authentication as well. For details, see Performing Client Authentication on
Enterprise Gateway Server . |
Option | Description | ||
Username/Password | Enterprise Gateway Server will not request client certificates. For external ports, the server looks for user and password information in the header of requests coming from an external client. For registration ports, the server looks for user and password information from the Internal Server. | ||
Digest | For external ports, Enterprise Gateway Server uses password digest authentication. Enterprise Gateway Server looks for password digest information in the header of requests coming from an external client. | ||
Request Client Certificates | Enterprise Gateway Server will request client certificates. For external ports, the server requests client certificates for requests that come through this port. If the client does not present a certificate, the request proceeds using the user and password information contained in the request header. For registration ports, the server requests a client certificate from the Internal Server. If the Internal Server does not present a certificate, the request proceeds using the user and password information. | ||
Require Client Certificates | Enterprise Gateway Server will require client certificates. For external ports, Enterprise Gateway Server requires client certificates for all requests that come through this port. If the client does not supply a certificate, the request fails.
For registration ports, Enterprise Gateway Server requires a client certificate from the Internal Server. If the Internal Server does not supply a client certificate, the request fails. In addition, if the certificate is not mapped to a user with Administrator privileges on Enterprise Gateway Server, the request fails. | ||
Request Kerberos Ticket | For external ports, Enterprise Gateway Server requires client certificates for requests from external clients. If the external client does not supply a certificate, the request fails. | ||
Require Kerberos Ticket | For external ports, Enterprise Gateway Server looks for a Kerberos ticket from external clients. If the external client does not present a ticket, the request proceeds using the user and password information contained in the request header. | ||
Use JSSE | If this port should support TLS 1.1 or TLS 1.2, click Yes to create the port using the Java Secure Socket Extension (JSSE) socket factory. If you set this value to No, the port supports only SSL 3.0 and TLS 1.0. The default is Yes.
|
Note: | Use these settings only if you want to use a different set of credentials from the ones specified on the Certificates screen. |
For this parameter... | Specify... |
Keystore Alias | The keystore alias created for the keystore containing the certificate that Enterprise Gateway Server is to present to requests coming in through this port. |
Key Alias | The alias for a specific key in the specified keystore. |
Truststore Alias | The alias for the truststore file that contains the trusted root certificates associated with the CA signing authority. |