Extended parameters of the module *HTTP
Select the *HTTP module by entering option number 8 into the corresponding choice box. In the dialog program "Change i-effect Module Data", parameters can now be modified.
The following options for the *HTTP module can be set:
| SSL Details: | ||
| SSL | This parameter controls the protocol to be used. Determine whether HTTP communication is to be established via SSL/HTTPS (Secure Socket Layer) or standard HTTP. | |
| *YES | YES, the connection is established via SSL/HTTPS | |
| *NO | NO, the connection is established via standard HTTP. | |
| Use Client Authentication? | If *YES is set in the "SSL" parameter, this parameter determines if the client sending data must authenticate with it's X.509 certificate to the HTTP server. If *YES is set here and *NO is set in the preceding parameter "Import Untrustworthy Certificates ?", the partner's certificate must exist in the keystore before establishing a connection. By this, the partner's certificate, automatically sent via an established HTTPS connection, can be verified by the HTTP server. The HTTP server only accepts the incoming connection after successful verification of the client's certificate (check with certificate in the keystore). Otherwise, the connection will be closed due to the lack of proof that it is the partner trying to connect. If *NO is set in this parameter, certificate verification is not requested when establishing a connection. | |
| *YES | Yes, client authentication is used. | |
| *NO | No, client authentication is not used. | |
This form of SSL authentication is supported by only a few clients and is generally not common on the Internet.
| Import Untrustworthy Certificates? | If *YES is set in the "SSL" parameter, it is possible to allow the HTTP server to automatically import client certificates that do not exist in the keystore. Therefore, select option *YES in this parameter. This might be a security risk inasmuch as every client is con-sidered trustworthy due to automatic import of the client's certificate into the keystore. If option *NO is set and the certificate does not exist in the keystore when a connection is established, the connection will automatically be closed. It is correct to abort the connection because the client's identity cannot be verified due to the missing certificate in the keystore. Automatic import of certificates into the keystore is only possible if the parameter „Use Client Authentication ?" is set *YES. | |
| *YES | Yes, untrustworthy client certificates are automatically imported. | |
| *NO | No, untrustworthy client certificates are not automatically imported. | |
| SSL Connection Certificate | Enter the name of the key pair containing the public key (certificate) in the keystore, which is to be used for connection authentication. | |
| Characters | Alias of the certificate in the keystore. | |
| Connection: | |
|---|---|
| Connection Timeout | Define the timeout in seconds for connection establishment. |
| Read Timeout | Define the timeout in seconds for reading data on an open data connection. |
| Internal Timeout | This parameter defines the timeout value in seconds until an internal timeout is reported. |
| Maximum Send Retries | Define the maximum number of attempts to retry to send a file after connection failure or interruption. |
| Retry Pause | Define the pause in seconds before the next attempt to connect. |
| Email Address Originator | Originator email address that is inserted into the header as sender address. |
| Email Address Webmaster | Email address of the responsible Webmaster. |
| Proxy: | |
| HTTP Proxy Host | If a proxy server is used for HTTP communication, enter its IP address or DNS name here. |
| HTTP Proxy Port | If a proxy server is used for HTTP communication, enter its TCP/IP port here. |
| HTTP Proxy User ID | If a proxy server is used for HTTP communication, enter, if required, the user ID of the authorized user. |
| HTTP Proxy Password | If a proxy server is used for HTTP communication, enter, if required, the password of the authorized user. |
| Archive: | Archive Inbound Messages ? Determines if inbound HTTP data is to be archived. The following values are possibel | |
| *YES | YES, received data is archived. | |
| *NO | NO, received data is not archived. | |
| Archive Outbound Messages ? Determine if outbound HTTP data shall be archived. The following values are possible | ||
| *YES | YES, inbound data shall be archived. | |
| *NO | NO, inbound data shall not be archived. | |
| Archive Directory | Archive Path (Inbound) Enter the directory where inbound HTTP data shall be archived. | |
CODE
| ||
| Archive Path (Outbound) Enter the directory where outbound HTTP data shall be archived. | ||
CODE
| ||
| Path for Erroneous Files This parameter determines the name of the path where erroneous HTTP data is moved. | ||
CODE
| ||