| --- |
| title: Security-Related System Properties |
| --- |
| |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| The table describes the security-related system properties in the `geode.properties` file for native client authentication and authorization. |
| |
| <a id="security__section_6DC4C72A2EEB432AA40DE97D438FD1E7"></a><a id="security__table_92A6A66523764199A19BCD66BA189921"></a> |
| |
| <table> |
| <caption><span class="tablecap">System Properties for Client Authentication and Authorization</span></caption> |
| <colgroup> |
| <col width="50%" /> |
| <col width="50%" /> |
| </colgroup> |
| <tbody> |
| <tr class="odd"> |
| <td><code class="ph codeph">security-client-dhalgo</code></td> |
| <td>Diffie-Hellman based credentials encryption is not supported.</td> |
| </tr> |
| <tr class="even"> |
| <td><code class="ph codeph">security-client-kspath</code></td> |
| <td>Path to a .pem file, which contains the public certificates for all <%=vars.product_name%> cache servers to which the client can connect through specified endpoints.</td> |
| </tr> |
| <tr class="odd"> |
| <td><code class="ph codeph">ssl-enabled</code></td> |
| <td>True if SSL connection support is enabled.</td> |
| </tr> |
| <tr class="even"> |
| <td><code class="ph codeph">ssl-keystore</code></td> |
| <td>Name of the .pem keystore file, containing the client’s private key. Not set by default. Required if <code class="ph codeph">ssl-enabled</code> is true.</td> |
| </tr> |
| <tr class="odd"> |
| <td><code class="ph codeph">ssl-keystore-password</code></td> |
| <td>Sets the password for the private key PEM file for SSL.</td> |
| </tr> |
| <tr class="even"> |
| <td><code class="ph codeph">ssl-truststore</code></td> |
| <td><p>Name of the .pem truststore file, containing the servers’ public certificate. Not set by default. Required if <code class="ph codeph">ssl-enabled</code> is true</p></td> |
| </tr> |
| </tbody> |
| </table> |
| |
| |
| |