notice about enable SSL on Domino

quote from Lotus Designer document:

key words: createSessionWithIOR, DIIOP_DUP_KEYRING=filename

To enable SSL (Secure Sockets Layer), use the String args[] parameter and specify “-ORBEnableSSLSecurity” as an element of the args array. For remote (IIOP) applications, the client must have access to the server’s trusted root certificate, stored in TrustedCerts.class in domino/java in the server’s data directory. This file is generated by the DIIOP task when it starts and is enabled to listen on the SSL port specified in the server document. The HTTP task delivers TrustedCerts.class to applets. For other applications, ensure that TrustedCerts.class is on the classpath.
The methods named createSessionWithIOR get an Internet session through explicit specification of the IOR. Typically this is not necessary. The createSession methods that specify a host call getIOR, which gets the IOR by querying the HTTP or DIIOP task listening on hostname:port for a file named diiop_ior.txt. Use the createSessionWithIOR methods if you have another mechanism for getting the IOR.
If only the HTTPS port can deliver the IOR, call getIOR with the String args[] parameter and specify “-createSessionWithIOR ” as an element of the args array. Then use the returned IOR in a createSessionWithIOR call.
If a file other than TrustedCerts.class contains the server’s trusted root certificate, specify “-ORBSSLCertificates=filename” as an element of the args array. The DIIOP task generates TrustedCerts.class and a duplicate file if “DIIOP_DUP_KEYRING=filename” is present as a notes.ini variable. This is useful to access two servers with different trusted root certificates.
A getIOR operation is not authenticated even with SSL.
Use a getIOR method with user and passwd parameters if anonymous access is not allowed on the HTTP or HTTPS port being accessed.
Note  The getIOR methods that take args[], user, and passwd parameters are new with Release 6.5.
The createSession methods that include an org.omg.CORBA.ORB parameter create a session using an existing ORB, which you first create with one of the createORB methods. Using one ORB for multiple sessions (connection pooling) saves network overhead. However, make sure the connection can handle all the sessions you create, and be sure to recycle when you terminate a session.
For applets, use AppletBase.openSession. For agents, use AgentBase.getSession.

发表评论

Fill in your details below or click an icon to log in:

WordPress.com 徽标

您正在使用您的 WordPress.com 账号评论。 登出 /  更改 )

Google photo

您正在使用您的 Google 账号评论。 登出 /  更改 )

Twitter picture

您正在使用您的 Twitter 账号评论。 登出 /  更改 )

Facebook photo

您正在使用您的 Facebook 账号评论。 登出 /  更改 )

Connecting to %s


%d 博主赞过: