Setting a Pass Phrase

To enable the HTTPS listener to run, you need to enter the pass phrase that you defined for the private key file. In other situations, you might also have a pass phrase for the server certificate, which you would also need to enter. This tutorial does not require one.

There are two ways of setting the pass phrases. One way is to store the pass phrases in a file, and the other is to enter them once the enterprise server region is started.

To set the pass phrase in a file:

  1. Edit the file mf-server.dat, located in $COBDIR/etc . If the file does not exist, create it.
  2. Add the following lines to mf-server.dat:
    [HTTPS Echo/SSL/passphrases]
    certificate=
    keyfile=open sesame

    It does not matter where in the file you add this section. If you like, you can add a comment (preceded by a ";") to describe the entry. Make sure the name HTTPS Echo is spelled exactly as it is in ESCWA.

    Note: You can use the Micro Focus Vault Facility to store a secret for the certificate and keyfile pass phrases. This can be specified in the mf-server.dat file and takes the following form:
    mfsecret:configuration-name:secret-path

    or:

    mfsecret::secret-path

    or:

    mfsecret:secret-path
    Note: If you are configuring the listener to start without a passphrase then use empty double quotes (keyfile="").
  3. Start Enterprise Server Common Web Administration (ESCWA), in the menu bar, click Native.
  4. Expand Directory Servers > Default.
  5. Click ESDEMO , and click General > Control.
  6. Click Start.
  7. When ESDEMO has started, click General > Listeners to make sure that the new listener HTTPS Echo has started, as with the other listeners.

If you ever have problems starting or running an SSL-enabled listener, it can be useful to look at the MFCS log, click Monitor > Logs > Communications Log.