上一主题: 将通信通道重新绑定到正在使用中的端口下一主题: SSL 属性规则

配置企业管理器通信默认的企业管理器通信通道配置 SSL

配置 SSL

针对 SSL 配置企业管理器是在 IntroscopeEnterpriseManager.properties 中进行的,这是通过启用安全的通信通道实现的。 这可以作为默认的非安全通道的补充。

以下是同时启用了安全和非安全通信通道的示例。 它在端口 5001 上设置了默认的非安全侦听程序,在端口 5443 上设置了安全的侦听程序:

# The enabled communication channels.
introscope.enterprisemanager.enabled.channels=channel1, channel2

# The default communication channel.
introscope.enterprisemanager.serversocketfactory.channel1=com.wily.isengard.postofficehub.link.net.server.DefaultServerSocketFactory
introscope.enterprisemanager.port.channel1=5001

# The secure communication channel.
introscope.enterprisemanager.serversocketfactory.channel2=com.wily.isengard.postofficehub.link.net.server.SSLServerSocketFactory
introscope.enterprisemanager.port.channel2=5443
# Location of a keystore containing certificates for authenticating the Enterprise Manager to clients.
# Either an absolute path or a path relative to the config directory.
# On Windows, backslashes must be escaped.  例如:
# introscope.enterprisemanager.keystore.channel1=C:\\Introscope\\config\\internal\\server\\keystore
introscope.enterprisemanager.keystore.channel2=internal/server/keystore
# The password for the keystore.
# Set this property to true to enable encryption of introscope.enterprisemanager.keypassword.channel2
# Once introscope.enterprisemanager.keypassword.channel2 is encrypted,
# this property is automatically set to false.
# 
# To change the existing password, enter the new password and set this property to true.
# Note: If this property is set to true and the password is not changed, the existing encrypted password will be encrypted again.
# If password field for a new channel is configured, add the corresponding
# plaintextpassword field and set it to true to enable encryption. 
introscope.enterprisemanager.keypassword.channel2.plaintextpassword=true
introscope.enterprisemanager.keypassword.channel2=password
# Location of a truststore containing trusted client certificates.
# Either an absolute path or a path relative to the config directory.
# On Windows, backslashes must be escaped.  例如:
# introscope.enterprisemanager.truststore.channel1=C:\\Introscope\\config\\internal\\server\\keystore
# A truststore is only needed if client authentication is required.
# Set this property to true to enable encryption of introscope.enterprisemanager.trustpassword.channel2
# Once introscope.enterprisemanager.trustpassword.channel2 is encrypted,
# this property is automatically set to false.
# 
# To change the existing password, enter the new password and set this property to true.
# Note: If this property is set to true and the password is not changed, the existing encrypted password will be encrypted again.
# If password field for a new channel is configured, add the corresponding  
# plaintextpassword field and set it to true to enable encryption. 
# introscope.enterprisemanager.trustpassword.channel2.plaintextpassword=false
# The password for the truststore
#introscope.enterprisemanager.trustpassword.channel2=password
# If no truststore is specified, the Enterprise Manager trusts all client certificates.