Web server plug-in custom properties

For a Web server plug-in, we can add one or more of the following custom properties to the settings for that plug-in.

Complete these steps to add a Web server plug-ins custom property.

  1. In the admin console, select Servers > Server Types > Web servers > web_server_name > Plug-in properties > Custom properties > New .

  2. Under General Properties, specify the name of the custom property in the Name field and a value for this property in the Value field. We can also specify a description of this property in the Description field.

  3. Click Apply or OK.

  4. Click Save to save the configuration changes.

  5. Re-generate and propagate the plugin-cfg.xml file.



Specifies the label of the certificate within the keyring that the plug-in is to use when the Web container requests a client certificate from the plug-in. This custom property does not apply to any client certificate that is coming from the SSL connection with the browser. If using an SSL co-processor, and the plug-in is not running on a z/OS or i5/OS system, if specify the token label, followed by a colon, as the value for this custom property the entire CertLabel value is used as the keyring label.

Avoid trouble: You can only use this custom property if we are running on V7.0.0.3 or later.

Data type Boolean
Default False



Whether the plug-in should prefetch the partition table. When this custom property is enabled, the plugin prefetches the partition table so that affinity requests are maintained. The GetDWLMTable custom property must be enabled when memory-to-memory session management is configured for WAS.

Data type String
Default False



Specifies the maximum number of headers that can be included in a request or response that passes through the Web server plug-in. If a request or response contains more than the allowable number of headers, the Web server plug-in drops the extra headers.

Data type Integer
Range 1 - 4000
Default 300

If we prefer, instead of adding this custom property, we can manually add the following values to the plugin-cfg.xml file:

HTTPMaxHeaders = "<value>" in the Config tag. Example :
<Config ASDisableNagle="false" AcceptAllContent="false" AppServerPortPreference="HostHeader" ChunkedResponse="false" FIPSEnable="false" HTTPMaxHeaders="2500" IISDisableNagle="false" IISPluginPriority="High" IgnoreDNSFailures="false" RefreshInterval="60" ResponseChunkSize="64" VHostMatchingCompat="false">



Specifies whether the Web server plug-in is to compare the setup of each new SSL transport with the setup of other SSL transports that are already defined in the configuration file. When you set this property to true, and the plug-in determines that the keyring and CertLabel values specified for the new SLL transport match the values specified for an already defined SLL transport, the plug-in uses the existing SSL environment instead of creating a new SLL environment. Creating fewer SLL environments means that the plug-in requires less memory, and the plug-in initialization time decreases, thereby optimizing the overall Gskit environment.

Data type Boolean
Default False



Specifies the fully-qualified name of the loadable module that interfaces with an optional SSL co-processor. The fully-qualified name must include the directory path and the module name.

Data type String
Default None



Specifies the password for the SSL co-processor with which the module, specified for the SSLPKCSDriver custom property, is interfacing. I

f you are using an IBM HTTP Server, we can use the sslstash program to create a file that contains this password. In this situation, we can specify the fully-qualified name of that file, instead of the actual password, as the value for this custom property.

Data type String
Default None



Specifies that this Web server plug-in is permitted to interface with the proxy servers and load balancers that are listed for the TrustedProxyList custom property. When this property is set to true, any of the listed proxy servers and load balancers is permitted to set values for the two internal headers, $WSRA, and $WSRH. $WSRA is the IP address of the remote host, which is typically the browser, or an internal address that is obtained by Network Address Translation (N.A.T). $WSRH is the host name of the remote host. This header information enables the Web server plug-in to interface with that specific proxy server or load balancer.

Data type Boolean
Default False



Specifies a comma delimited list of all proxy servers or load balancers that have permission to interface with this Web server plug-in. This property must be used in conjunction with the TrustedProxyEnable=true custom property setting. If the TrustedProxyEnable custom property is set to false, this list is ignored.


TrustedProxyList = myProxyServer1.myDomain.com,myProxyServer2.com,

Data type String
Default None


Related tasks

plugin-cfg.xml file
Communicating with Web servers