Network Deployment (Distributed operating systems), v8.0 > Reference > Configuration file descriptions
Web server plug-in custom properties
If you are using a web server plug-in, you can add one or more of the following custom properties to the configuration settings for that plug-in.
Complete these steps to add a web server plug-ins custom property.
We can update the global plugin-cfg.xml file using the admin console or running the GenPluginCfg command for all of the clusters in a cell. However, delete the config/cells/plugin-cfg.xml file before you update the global plugin-cfg.xml file. If you do not delete the config/cells/plugin-cfg.xml file, only the new properties and their values are added to the global plugin-cfg.xml file. Any updates to existing plug-in property values are not added to the global plugin-cfg.xml file.
- In the admin console, select Servers > Server Types > Web servers > web_server_name
> Plug-in properties > Custom properties > New .
- Under General Properties, specify the name of the custom property in the Name field and a value for this property in the Value field. We can also specify a description of this property in the Description field.
- Click Apply or OK.
- Click Save to save the configuration changes.
- Re-generate and propagate the plugin-cfg.xml file.
CertLabel
Label of the certificate within the keyring that the plug-in is to use when the web container requests a client certificate from the plug-in. This custom property does not apply to any client certificate that is coming from the SSL connection with the browser. If you are using an SSL co-processor, and the plug-in is not running on a z/OS or IBM i system, if you specify the token label, followed by a colon, as the value for this custom property the entire CertLabel value is used as the keyring label. We can only use this custom property if you are running on v7.0.0.3 or later.
Data type Boolean Default False
GetDWLMTable
Whether the plug-in should prefetch the partition table. When this custom property is enabled, the plugin prefetches the partition table so that affinity requests are maintained. The GetDWLMTable custom property must be enabled when memory-to-memory session management is configured for WAS.
Data type String Default False
HTTPMaxHeaders
Maximum number of headers that can be included in a request or response that passes through the web server plug-in. If a request or response contains more than the allowable number of headers, the web server plug-in drops the extra headers.
Data type Integer Range 1 - 4000 Default 300 If you prefer, instead of adding this custom property, you can manually add the following values to the plugin-cfg.xml file:
HTTPMaxHeaders = " <value>" in the Config tag. Example : <Config ASDisableNagle="false" AcceptAllContent="false" AppServerPortPreference="HostHeader" ChunkedResponse="false" FIPSEnable="false" HTTPMaxHeaders="2500" IISDisableNagle="false" IISPluginPriority="High" IgnoreDNSFailures="false" RefreshInterval="60" ResponseChunkSize="64" VHostMatchingCompat="false">
SSLConsolidate
Specifies whether the web server plug-in is to compare the setup of each new SSL transport with the setup of other SSL transports that are already defined in the configuration file. When you set this property to true, and the plug-in determines that the keyring and CertLabel values specified for the new SSL transport match the values specified for an already defined SSL transport, the plug-in uses the existing SSL environment instead of creating a new SSL environment. Creating fewer SSL environments means that the plug-in requires less memory, and the plug-in initialization time decreases, thereby optimizing your overall GSkit environment.
Data type Boolean Default False
SSLPKCSDriver
Fully qualified name of the loadable module that interfaces with an optional SSL co-processor. The fully qualified name must include the directory path and the module name.
Data type String Default None
SSLPKCSPassword
Password for the SSL co-processor with which the module, specified for the SSLPKCSDriver custom property, is interfacing.
If you are using an IBM HTTP Server, you can use the sslstash program to create a file that contains this password. In this situation, you can specify the fully-qualified name of that file, instead of the actual password, as the value for this custom property.
Data type String Default None
TrustedProxyEnable
Permits the web server plug-in to interface with the proxy servers and load balancers that are listed for the TrustedProxyList custom property. When this property is set to true, the proxy servers and load balancers in this trusted proxy list can set values for the $WSRA and $WSRH internal headers. The $WSRA internal header is the IP address of the remote host, which is typically the browser, or an internal address that is obtained by Network Address Translation (N.A.T.). The $WSRH internal header is the host name of the remote host. This header information enables the web server plug-in to interface with that specific proxy server or load balancer.
When you use this custom property you must also use the TrustedProxyList custom property to specify a list of trusted proxy servers and load balancers. Also, clear the Remove special headers check box on the Request Routing panel within the admin console. See the documentation on web server plug-in request routing properties.
Data type Boolean Default False
TrustedProxyList
Specifies a comma delimited list of all proxy servers or load balancers that have permission to interface with this web server plug-in. We must use this property with the TrustedProxyEnable=true custom property setting. If the TrustedProxyEnable custom property is set to false, this list is ignored.Example:
TrustedProxyList = myProxyServer1.myDomain.com,myProxyServer2.com,192.168.0.1
Data type String Default None
plugin-cfg.xml file
Implement a web server plug-in
Related
Web server plug-in request routing properties