By default, connections between the SGD Gateway and the SGD servers in the array are secured using Secure Sockets Layer (SSL). This means that AIP over SSL data uses TCP port 5307, and HTTPS data uses TCP port 443.
To use unencrypted connections between the SGD Gateway and the SGD servers in the array, see Section C.4.1, “Configuring the Gateway to Use Unencrypted Connections to the SGD Array”.
For unencrypted connections, AIP data uses TCP port 3144, and HTTP data uses TCP port 80.
This procedure describes how to reconfigure a Gateway deployment to use unencrypted connections.
Modify the Gateway configuration to use unencrypted connections to the SGD array.
# gateway config create
This command overwrites the current configuration of the Gateway.
When prompted whether to secure the connections between the
Gateway and the SGD servers in the array, enter
n
.
Remove any previously registered SGD servers for the Gateway.
# /opt/SUNWsgdg/bin/gateway server remove --server sgd.example.com
where sgd.example.com
is the name
of the SGD server.
The CA certificate and SSL certificate for the SGD server are removed from the Gateway keystore.
Ensure that the SGD servers in the array are configured to use standard, unencrypted connections.
Run the following command on each SGD server in the array to turn off SGD security services.
# tarantella security disable
Register the SGD servers in the array with the Gateway.
# /opt/SUNWsgdg/bin/gateway server add --serversgd.example.com
\ --certfile PeerCAcert.pem \ --urlhttp://sgd.example.com
This example adds the CA certificate
PeerCAcert.pem
to the SGD
Gateway keystore, using the alias
sgd.example.com
. The URL of the
SGD web server is
http://sgd.example.com
.
Restart the Gateway.
# /opt/SUNWsgdg/bin/gateway restart