Configuration via Configuration (.cfg) Files
- Shaun Morris
HTTP Port Configuration
Do not use the Web Administration Console to change the HTTP port. While the Web Administration Console's Pax Web Runtime offers this configuration option, it has proven to be unreliable and may crash the system
Multiple Local DDF Nodes
- Make port number edits to files in the DDF install folder. Line numbers are referenced for 2.1.X releases.
| File to Edit | Line Number | Original Value | Example of New Value |
|---|---|---|---|
| bin/karaf.bat | 99 | 5005 | i.e. 5006 |
| etc/org.apache.karaf.management.cfg | 27 | 1099 | i.e. 1199 |
| " " | 32 | 44444 | i.e. 44445 |
| etc/org.ops4j.pax.web.cfg | 9 | 8181 | i.e. 8281 |
| " " | 22 | 8993 | i.e. 8994 |
Be sure to note the port number that replaced "8181" and enter that in the Web Console under the Configuration tab for the Platform Global Configuration -> DDF Port entry. Also edit the sitename so that there are no duplicates on your local machine.
Do not use the Web Administration Console to SSL enable the DDF services. While the Web Administration Console's Pax Web Runtime offers this configuration option, it has proven to be unreliable and may crash the system. Edit the provided configuration file Property Sample Value Description Set this to true to SSL enable the DDF services Set this to the HTTPS port number. Set this to the type of keystore (most likely Set this to the fully-qualified path to the SSL keystore file Set this to the password for the user's private key Set this to the password for overall keystore integrity checking Here is an example .cfg file: All Also take care if Optional: Disable HTTP for the DDF services and only use HTTPS by setting the Reference Configuring a Java Keystore for Secure Communications Additional Pax-Web SSL configuration info: http://team.ops4j.org/wiki/display/paxweb/SSL+ConfigurationEnabling SSL for Services
<DDF_INSTALL_DIR>/etc/org.ops4j.pax.web.cfg with the settings for the desired configuration.Pax Web Configuration Settings
org.osgi.service.http.enabledfalse Set this to false to disable HTTP without SSL org.osgi.service.http.secure.enabledtrueorg.osgi.service.http.port.secure8993
(Verify this port does not conflict with any other secure ports being used in the network. For example, JBoss and other application servers use port 8443 by default)org.ops4j.pax.web.ssl.keystore.typejksjks)org.ops4j.pax.web.ssl.keystore/opt/ddf/keystore.jksorg.ops4j.pax.web.ssl.keypasswordpassword1org.ops4j.pax.web.ssl.passwordpassword2######################
# HTTP settings
######################
# Disable HTTP
org.osgi.service.http.enabled=false
# HTTP port number
org.osgi.service.http.port=8181
######################
# HTTPS settings
######################
# Enable HTTPS
org.osgi.service.http.secure.enabled=true
# HTTPS port number
# (Verify this port does not conflict with any other secure ports being used in the
# network. For example, JBoss and other application servers use port 8443 by default)
org.osgi.service.http.port.secure=8993
# Fully-qualified path to the SSL keystore
org.ops4j.pax.web.ssl.keystore=/opt/ddf/keystore.jks
# SSL Keystore Type
org.ops4j.pax.web.ssl.keystore.type=jks
# Keystore Integrity Password
org.ops4j.pax.web.ssl.password=abc123
# Keystore Password
org.ops4j.pax.web.ssl.keypassword=abc123
.cfg files follow a strict formatting structure in that every entry is a key=value pair. There should be no whitespace before the key, around the equals sign (=), or after the value. Otherwise, the key or value may be misinterpreted..cfg files originated on an operating system other than the operating system DDF is currently running on. Hidden characters, e.g., ^M, can be added during the file transfer between the operating systems. This occurs often when a DDF zip install file from a Unix operating system is transferred to a Windows operating system and installed.org.osgi.service.http.enabled property to false. After this, all DDF clients need to pass the appropriate certificates.