Appendix B Repository Properties Reference
Security
property names begin with com.sybase.jaguar.security
. Security
entities can represent security profiles, used to configure SSL settings
for server listeners, and security identities, used for intercomponent
calls and interserver authentication. The com.sybase.jaguar.security.type property determines
what type the entity is.
Not all security properties apply to both identities and profiles. If a property applies only to one or the other, the description will say so.
Specifies a text description of the identity or profile.
desc
Where desc is the descriptive text.
For profiles, specifies the time in seconds to cache SSL session parameters. Not used for identities.
An integer value representing the cache timeout in seconds. If not set, the default is 28800 (which equals 8 hours).
com.sybase.jaguar.security.sesscachesize
Specifies the name of the SSL certificate. This property is always required for security profiles. For identities, this property is required if the com.sybase.jaguar.security.qoss property specifies a security characteristic that requires mutual SSL authentication.
The text of the certificate label, for example:
Sample1 Test ID
com.sybase.jaguar.security.qoss
For profiles or identities that use Entrust PKI software to manage certificates, specifies the full path to the Entrust INI file that provides information on how to access Entrust.
The full path to the file, for example on Windows platforms:
c:\program files\entrust\entrust.ini
Or on a UNIX platform:
/opt/Entrust/clients/entrust.ini
The actual path depends on where you or your system administrator have installed the Entrust software.
This property must be set when the com.sybase.jaguar.security.tokentype property is set to "entrust".
For profiles or identities that use Entrust PKI software to manage certificates, specifies the password for access to the Entrust user profile.
The password text. Values are encrypted in the repository.
This property must be set when the com.sybase.jaguar.security.tokentype property is set to "entrust".
com.sybase.jaguar.security.entrustuserprofile
For profiles or identities that use Entrust PKI software to manage certificates, specifies the full path to the Entrust user profile, which is an operating system file.
The full path to the file, for example on Windows platforms:
c:\my documents\entrust\CN=Sample Entrust User, O=Sybase, C=US.epf
Or on a UNIX platform:
/opt/Entrust/certs/CN=Sample Entrust User, O=Sybase, C=US.epf
The actual path depends on where you or your system administrator have created the Entrust profile.
This property must be set when the com.sybase.jaguar.security.tokentype property is set to "entrust".
Specifies the profile or identity name.
app-name
Where app-name is the application name.
For identities or profiles, specifies the password to access the Sybase certificate database.
The password text. Values are encrypted in the repository.
For identities or profiles, specifies the name of the security characteristic to use. For profiles, the security characteristic determines the minimum level of security acceptable for an incoming connection. For identities, the security characteristic determines the minimum level of security acceptable for outgoing connections.
If a value is specified, it must match the name of the security profile. The EAServer Security Administration and Programming Guide describes the available security profile names. The list of available profiles can be retrieved programmatically using the CtsSecurity::SSLServiceProvider interface.
For identities, if this property is not set, or set with no value, outgoing connections do not use SSL. For profiles, this property must be set to the name of a security characteristic.
For profiles, specifies the size of SSL session cache. Not used for identities.
An integer that specifies the number of SSL sessions to cache. If no value is specified, the default is the value of the com.sybase.jaguar.server.maxconnections server property.
com.sybase.jaguar.security.cachetime
For profiles, specifies the maximum number of concurrent SSL sessions that can share the same session parameters. Not used for identities.
An integer number. If no value is specified, the default is 10.
For an identity, specifies the user name to be used for component invocations or outgoing interserver connections.
The user name.
com.sybase.jaguar.security.specifiedidentitypassphrase
For an identity, specifies the password to be used for component invocations or outgoing interserver connections.
The password text. Values are encrypted in the repository.
com.sybase.jaguar.security.specifiedidentity
Specifies whether to use the Sybase SSL certificate database or an Entrust certificate.
Allowable values are sybase
and entrust
.
Specifies the security entity type.
Allowable values are:
| Value | To indicate |
|---|---|
| identity | An identity |
| listener | A security profile |
| Copyright © 2002 Sybase, Inc. All rights reserved. |
| |