[ome-users] SSL configuration for Server and Client
Huw Lynes
lynesh at cardiff.ac.uk
Thu Jun 4 14:54:26 BST 2009
On Thu, 2009-06-04 at 13:33 +0100, Huw Lynes wrote:
> We now have a working Omero server for testing. Thanks for all the help
> so far.
>
> I've been trying to follow the security documentation to send the Ice
> server information over an encrypted port.
> http://www.openmicroscopy.org/site/support/omero4/server/security
>
> The server side of the configuration seems to work. If I restart the
> server the port changes from 4063 to 4064.
>
> However I'm having trouble with the client configuration. I've
> downloaded the beta4 client bundle and created an ssl.config file
> containing the appropriate config lines.
>
> The docs then say to run:
>
> ICE_CONFIG=ssl.config python
>
OK got a bit further with this.
If I do
export ICE_CONFIG=ssl.config
and then run importer or insight it reads the ssl.config file but
refuses to connect.
SSL config on the server looks like:
default.xml
<server-instance template="Glacier2Template"
client-endpoints="ssl -p 4064"
session-timeout="300"
server-endpoints="tcp -h 127.0.0.1"/>
templates.xml
<property name="Ice.Plugin.IceSSL"
value="IceSSL:createIceSSL"/>
<property name="Ice.Default.Router"
value="MERO.Glacier2/router:ssl -
p 4064 -h localhost"/>
<property name="IceSSL.Ciphers" value="ADH"/>
<property name="IceSSL.VerifyPeer" value="0"/>
client side looks like:
Ice.Plugin.IceSSL=IceSSL:createIceSSL
Ice.Default.Router=OMERO.Glacier2/router:ssl -p 4064 -h omero.cf.ac.uk
IceSSL.Ciphers=ADH
IceSSL.VerifyPeer=0
Thanks,
Huw
--
Huw Lynes | Advanced Research Computing
HEC Sysadmin | Cardiff University
| Redwood Building,
Tel: +44 (0) 29208 70626 | King Edward VII Avenue, CF10 3NB
More information about the ome-users
mailing list