Management & Control Services Help Globe Icon

Modifying the SecurityGateway.properties File

In addition to the Security Services configuration options that you can change in Management & Control Services (MCS), you can set the following options in the SecurityGateway.properties text file:

To modify SecurityGateway.properties
  1. With a text editor, open SecurityGateway.properties, located in this directory (based on platform):
    Application ServerDefault Install Location
    Apache Tomcat The location will be under the Tomcat install directory, as follows if Tomcat is installed with an Attachmate product.
    Windows: c:\Program Files\Attachmate\Tomcat\webapps\mcs\WEB-INF\data\securitygateway\settings
    UNIX: /opt/Tomcat/webapps/mcs/WEB-INF/data/securitygateway/settings
    WebLogic or
    WebSphere
    Windows: c:\Program Files\Attachmate\mcs\WEB-INF\data\securitygateway\settings
    UNIX: /opt/Attachmate/mcs/WEB-INF/data/securitygateway/settings
    OS/390 USS: /opt/Attachmate/mcs/WEB-INF/data/securitygateway/settings

  2. Set any of the following properties:

    security.sslClientCA.files—Set to the path of the CA-signed root certificate file. You can use a path relative to the top-level install directory. For example, to place the root certificate file into the runtime subdirectory, you would enter:

    security.sslClientCA.file=runtime/clientCAfile

    where clientCAfile is the name of the CA-signed root certificate file. You can also use an absolute path to place the file anywhere on your network.

    security.tlsOnly—Set to true or false.

    security.force128Bit—Set to true or false.

    validHost1—Replace the Attachmate-supplied value, *.*.*.*:*, which denotes a connection with any host and port. Use this format:

    IPaddress:port

    where:
    IPaddress is the IP address of the host (not its domain name), and port is the number of the port on which the host is listening.

    You can use the asterisk character (*) as a wildcard in any position of the IP address and in the port, for example, 149.82.*.*:23 or 149.82.50.61:*

    You cannot use the question mark (?) as a wildcard character.

    You can also include comments, indicated by the pound (#) character in the first position of a line.

    If you want to filter multiple hosts, add additional ValidHostx=IPaddress:port properties

    where:
    x is a consecutive integer from 2 up, and IPaddress:port is the IP address and port number of the host.

  3. Save and close SecurityGateway.properties.

  4. Start, or restart, MCS for the Security Services component to read the modified SecurityGateway.properties file.

Related Topics
Bullet Overview of Security Services
Bullet Overview of Certificates
Bullet Configuring Security Services
Bullet Configuring a Client SSL Connection
Bullet Obtaining and Installing Certificates
  Attachmate