security.ini

These tables list the parameters of the security.ini file.

[firewall] section

Default value Install config Required Description
rmi_registry_port 13021 security FALSE The TCP port number for the RMI registry to serve requests. This port must be the same as the registry port numbers of the host server and any system configuration GUI client. [security] section
security_server_default_port empty security FALSE This corresponds with the RMI Object Port text box on the Server Administration GUI. Entering a port in the text box "fixes" the port, so that the port does not change when the security server is restarted.

[security] section

Default value Install value Install config Required Description
password prompt security TRUE [securityThis is the password used to encrypt and decrypt the private key file of the security server. The install process creates a public certificate and encrypted private key file. The security server does not start if this property is not set or is set improperly,
security_cert_chain host-clsecurity-cert.der;hie-cert.der Install creates: hostname-clsecurity-cert.der;username-cert.der;hie-cert.der security TRUE This is the semicolon-delimited list of certificates. They represent the certificate chain of the security server’s server certificate, to the customer certificate authority’s certificate, to the Infor certificate authority’s public certificate. Set this to hostname-clsecurity-cert.der;username-cert.der;hie-cert.der.
  • username is the name of the customer as it shows in the Customer CA certificate.
  • hostname is the name of the security install machine.

The security host certificate is created during the install.

security_private_key enc-host-clsecurity-key.der Install creates: enc-hostname-clsecurity-key.der security TRUE This is the file name of the encrypted private key file for the security server. The naming convention for this file is enc-hostname-clsecurity-key.der.

[logging] section

Default value Install config Required Description
Cloverleaf_security_server_log security.log security FALSE This is the file name for the security server log file.
Cloverleaf_security_server_category INFO security FALSE This is the logging category for the main application of the security server and is used for filtering log messages. Valid values are PRODUCT, ERROR, WARNING, INFO, and DEBUG.
Cloverleaf_security_server_level BRIEF security FALSE This is the logging level for the main application of the security server and is used for filtering log messages. Valid values are SILENT, BRIEF, and VERBOSE.
security_server_category INFO security FALSE This is the logging level for the remote security server object and is used for filtering log messages. Valid values are PRODUCT, ERROR, WARNING, INFO, and DEBUG.
security_server_level BRIEF security FALSE This is the logging level for the remote security server object and is used for filtering log messages. Valid values are SILENT, BRIEF, and VERBOSE.
security_store_category INFO security FALSE This is the logging category for the system Security Store and is used for filtering log messages. Valid values are PRODUCT, ERROR, WARNING, INFO, and DEBUG.
security_store_level BRIEF security FALSE This is the logging level for the system Security Store and is used for filtering log messages. Valid values are SILENT, BRIEF, and VERBOSE.
log_rmi_calls false security FALSE This is a flag to turn on RMI logging in the Sun RMI layer. Options are true or false.
rmi_log security_rmi.log security FALSE This is the file name for RMI log messages.
debug_ssl false security FALSE This is a flag to turn on SSL logging in the Phaos API. Options are true or false.