Ssl processing, Mapping – HP e-CommerceXML Accelerator sa7150 User Manual

C H A P T E R 3 HP e-Commerce/XML Server Accelerator SA7150 User Guide

46

4. Combine the

key.pem

and

cert.pem

keys into one file by

typing this command.

cat key.pem cert.pem > all.pem

5. Convert to p12 format by typing this command.

openssl pkcs12 -export -in all.pem -out

.p12 - name “MY NAME”

The output file .p12 will be imported into the browser as a
personal certificate.

SSL Processing

The HP e-Commerce/XML Server Accelerator SA7150 handles
several SSL protocols, for example, HTTPS (which is the default).
For security purposes, you can block access to specified IPs or ports
(see “Blocking” section in this chapter). Traffic that is not mapped or
blocked flows through transparently (see “Failure Conditions”
section at the end of this chapter). Supported protocols are listed
below. (Ports listed are “well-known” port assignments. Any
available port may be used.)

•

HTTPS 443 (default)

•

IMAPS 993

•

POP3S 995

•

SMTPS 465

•

NNTPS 563

•

LDAPS 636

Mapping

NOTE: The SA7150
supports a maximum of
1000 mappings.

Keypairs and their associated certificates are referenced by a keyID.
A server is identified by a unique combination of server IP and
network port. Mapping is the process of associating a keyID with a
server (using server IP, network port, and server port). The SA7150
supports two types of mapping:

•

Automapping

•

Manual mapping