The VersaLex application contains an embedded web server for receiving HTTP requests and directing them to the appropriate VersaLex service, based on the requested resource path.
- Click the Local Listener in the tree pane, and then click the HTTP tab.
- Specify parameter values as appropriate.
- Click Apply.
The values you specified are saved.
HTTP Local Listener reference
- Automatically run at startup
- Select this check box to have the receiver automatically start each time the VersaLex application is launched.
- HTTP
- Allow remote host or user to send requests over clear-text HTTP.
- Specify a Port number. 5080 is the default for HTTP. Port number 80 is standard for clear-text HTTP. You can also use any other unused port value in the range of 1024 - 65535. Using non-standard HTTP ports in the range of 1 - 1023 might interfere with port numbers reserved by TCP/IP for other purposes.
- You can configure HTTP to listen on multiple ports by separating the field values with commas. For example, suppose you specified port 5080, but you have some trading partners who have outbound firewall restrictions and can only send to port 80. Specifying 5080,80 in the Port field allows the firewall-restricted trading partners to be able to send to your server while allowing you to continue to accept inbound messages from your other trading partners on port 5080.
- HTTP/s
- Allow remote host or user to send requests over both clear-text, non-secure HTTP and encrypted HTTP.
- Specify a Port number. There is no default for HTTP/s. Port number 443 is standard for HTTP/s and 5443 is suggested. You can also use any other unused port value in the range of1024 - 65535. Using non-standard HTTP ports in the range of 1 - 1023 might interfere with port numbers reserved by TCP/IP for other purposes.
- You can configure HTTP/s to listen on multiple ports by separating the field values with commas. For example, suppose you specified port 5443, but you have some trading partners who have outbound firewall restrictions and can only send to port 443. Specifying 5443,443 in the Port field allows the firewall-restricted trading partners to be able to send to your server while allowing you to continue to accept inbound messages from your other trading partners on port 5080.
-
Note: If you enable HTTPs, you must apply an SSL server certificate. If that certificate contains the keyEncipherment
attribute, the digitalSignature
attribute must also be used. Otherwise, the Local Listener will not start.
- SSL Server Certificate
- If you select HTTP/s, select a valid SSL Server Certificate. Click Browse... to navigate to and select a certificate. Then, enter the Password for the SSL Server Certificate's private key.
- Authenticate Client
- If you select HTTP/s, select Authenticate Client to require the SSL client to provide a valid certificate during SSL negotiation.
- Authentication Certificates
- By default, all of the Certificate Manager Trusted CA and user certificates are accepted for client authentication. To change this, use the Authentication Certificates button to establish the list of accepted FTP client authentication certificates, which can be:
- all of the local HTTP user certificates and/or
- all or a subset of the trusted CA certificates and/or
- all or a subset of the user certificates.
This option must be decided and agreed upon between trading partners before sending messages via SSL. After changing this setting, stop and restart the VersaLex service or daemon to clear cached SSL sessions.
- Optional
- If you select HTTP/s, select the Optional check box to request (but not require) the SSL client to provide a certificate.
- Requesting but not requiring client authentication only makes sense if clients can also authenticate by other means (for example, WWW-authentication or signing certificate).
Note: Non-optional client authentication is not compatible with HTTP Portal Applets. The applet will not be able to initialize in the browser without a client certificate. See
Configuring access for HTTP host users.
- These settings must be decided and agreed upon between trading partners before sending messages via SSL. After changing this setting, stop and restart the VersaLex service or daemon to clear cached SSL sessions.
Note: If you configure an HSP host, you must either select both the Authenticate Client check box and the Optional check box or neither. HSP will fail if you select the Authenticate Client check box and not the the Optional check box.
- Exchange Certificates
- Click Exchange Certificates to send the SSL Server Certificate to your trading partner(s). See Exchanging certificates with your trading partner for further information.
Comments
0 comments
Please sign in to leave a comment.