Setting a Pass Phrase

To enable the HTTPS listener to run, you need to enter the pass phrase that you defined for the private key file. In other situations, you might also have a pass phrase for the server certificate, which you would also need to enter. This tutorial does not require one.

There are two ways of setting the pass phrases. One way is to store the pass phrases in a file, and the other is to enter them once the enterprise server is started.

To set the pass phrase in a file:

  1. Edit the file mf-server.dat, located in $COBDIR/etc . If the file does not exist, create it.
  2. Add the following lines to mf-server.dat: 
    [HTTPS Echo/SSL/passphrases]
certificate=
keyfile=open sesame

    It does not matter where in the file you add this section. If you like, you can add a comment (preceded by a ";") to describe the entry. Make sure the name HTTPS Echo is spelled exactly as it is in ES Admin.

    Note: If you are configuring the listener to start without a passphrase then use empty double quotes (keyfile="").
  3. Start the Enterprise Server Common Web Administration and click Native in the task bar at the top of the screen.
  4. Expand Directory Servers > Default.
  5. Click ESDEMO , and click General > Control.
  6. Click Start.
  7. When ESDEMO has started, click General > Listeners to make sure that the new listener HTTPS Echo has started, as with the other listeners.

If you ever have problems starting or running an SSL-enabled listener, it can be useful to look at the MFCS log. Click Monitor > Logs > Communications Log.

Parent topic: Tutorial: Configuring SSL Security in the Server
Related information
Introduction
Creating a Secure HTTPS Listener
Installing the Server Certificate
Interpreting a Security Alert
Importing the CA's Root Certificate
Verifying the Certificate
Tidying Up