Try OpenEdge Now
skip to main content
Installation and Configuration
Command and Utility Reference : Installing and managing keys and digital certificates : sslj : s_server
 
s_server
Starts the HTTPS server with the parameters provided.
Operating system
Syntax
UNIX
Windows
sslj s_server -accept port value -cert certificate path -certPass certificate password
[-CAfile CA file path] [-CAPass CA password]
[-protocol][-debug debug value]
[-log log directory path] [-verify]
-accept port value
Provides the port number that the server uses for the SSL handshake.
-cert certificate path
Provides the path where the server certificate resides.
Note: The supported file extensions for the certificate are .jks, .jceks, .p12, .pfx, .bks.
-certPass certificate password
Provides the password for the server certificate.
-CAfile CA file path
Provides the path for the CA certificate for client authentication.
Note: The supported file extensions for the certificate are .jks and .p12. Make sure that you provide the absolute path, for example, C:\xyz\abc.p12.
-CAPass CA password
Provides the password for the CA certificate.
-protocol
Specifies the protocol that the server uses.
-debug debug value
Turns on the debugging, the valid values are all and ssl. Here are the values that you can choose for ssl:
*record: Enables tracing for each record. The valid values are plaintext for hex dump of record and packet for raw SSL or TLS packets.
*handshake: Displays each handshake message. The valid values are data for hex dump of each handshake message and verbose for handshake message printing.
*keygen: Displays the key generation data.
*session: Displays the details of the session activity.
*defaultctx: Displays the default SSL initialization.
*sslctx: Displays the SSL context tracing.
*sessioncache: Displays the session cache tracing.
*keymanager: Displays the key manager tracing.
*trustmanager: Displays the trust manager tracing.
Note: If you have provided a filename using the -log option, the above details are updated in the file or else, they are displayed on the proenv.
-log log directory path
Specifies the path where the s_server.log file is generated.
-verify
(Optional) Validates the client certificate when the server starts.
Examples:
proenv> sslj s_server -accept 8888 -cert server.p12 -certPass password
-CAfile ca.jks -CAPass password -debug ssl:handshake -log C:\Progress\WRK\-verify -TLSv1.1
proenv> sslj s_server -accept 8888 -cert server.jks -certPass password
-CAfile ca.jks -CAPass password -debug ssl -log C:\Progress\WRK\-verify -TLSv1.1
Note: For more information on an example on creating and managing a .jks keystore, see the OpenEdge Management and OpenEdge Explorer: Getting Started guide.