Configuring the broker to listen for HTTP and HTTPS connections

To configure the broker to accept HTTP and HTTPS connections, add a connection to the configuration file on the broker.

About this task

Edit the trc_broker.properties file to configure the connection type and parameters that are required for enabling the proxy feature on the broker.

On a Windows™ computer, this file is in the \Broker directory within the brokers's working directory.

For example, \Documents and Settings\All Users\Application Data\IBM\Tivoli\Remote Control\Broker.

If you are using a Windows 2008 server, the file is in \ProgramData\IBM\Tivoli\Remote Control\Broker\. In Linux™ systems, the file is in the /etc directory. For more information about broker configuration, see the IBM® BigFix® Remote Control Administrator's Guide.

To configure the connections, complete the following steps:

Procedure

  • To configure the broker to accept HTTP connections:
    1. Add a connection to the configuration file by using connection type InboundHTTP.
      prefix.ConnectionType
      Defines the type of connection. Must be set to InboundHTTP or InboundHTTP6.
      InboundHTTP
      Listen for HTTP connections that use IPv4 addresses.
      InboundHTTP6
      Listen for HTTP connections that use IPv6 addresses.
    2. Set optional keywords. The connection inherits values from the default configuration, except for PortToListen.
      prefix.PortToListen
      The TCP port to use for listening. Default is 80.
      prefix.BindTo
      Accept incoming connections on the specified address only. Default is the DefaultBindTo value that is inherited from the default configuration.
      prefix.RetryDelay
      Time between attempts to open the listening port. Default is the DefaultRetryDelay value that is inherited from the default configuration.
  • To configure the broker to accept HTTPS connections:
    1. Add a connection to the configuration file by using connection type InboundHTTPS.
      prefix.ConnectionType
      Defines the type of connection. Must be set to InboundHTTPS or InboundHTTPS6.
      InboundHTTPS
      Listen for HTTPS connections that use IPv4 addresses.
      InboundHTTPS6
      Listen for HTTPS connections that use IPv6 addresses.
    2. Set optional keywords. The connection inherits values from the default configuration, except for PortToListen.
      prefix.PortToListen
      The TCP port to use for listening. Default is 443.
      prefix.BindTo
      Accept incoming connections on the specified address only. Default is the DefaultBindTo or DefaultBindTo6 value that is inherited from the default configuration.
      prefix.RetryDelay
      Time between attempts to open the listening port. Default is the DefaultRetryDelay value that is inherited from the default configuration.
      prefix.TLSCertificateFile
      File name and path of the broker's certificate. Default is the DefaultTLSCertificateFile value that is inherited from the default configuration.
      prefix.TLSCertificatePassphrase
      Passphrase for the broker's certificate. Default is the DefaultTLSCertificatePassphrase value that is inherited from the default configuration.
      prefix.HTTPSCipherList
      List of cipher suites that can be used to secure network connections. Default is the DefaultHTTPSCipherList value that is inherited from the default configuration.
      Note: For more information about default broker configuration parameters, see the IBM BigFix Remote Control Administrator's Guide.