SSLIBSIZE (JANUS DEFINE parameter): Difference between revisions
m (moved SSLIBSIZE to SSLIBSIZE (JANUS DEFINE parameter)) |
mNo edit summary |
||
Line 4: | Line 4: | ||
SSLIBSIZE is a parameter on [[JANUS DEFINE]], which defines and sets characteristics of a Janus port. See the [[JANUS DEFINE#parmlist|List of JANUS DEFINE parameters]]. | SSLIBSIZE is a parameter on [[JANUS DEFINE]], which defines and sets characteristics of a Janus port. See the [[JANUS DEFINE#parmlist|List of JANUS DEFINE parameters]]. | ||
This parameter specifies the size of the SSL input buffer to be used on SSL ports. An SSL port is a Janus port whose definition includes an [[SSL]] parameter, which indicates that communications on this port may be encrypted using | This parameter specifies the size of the SSL input buffer to be used on SSL ports. An SSL port is a Janus port whose definition includes an <var>[[SSL (JANUS DEFINE parameter)|SSL]]</var> parameter, which indicates that communications on this port may be encrypted using <var class="product">[http://sirius-software.com/maint/download/jansslr.pdf Janus Network Security]</var> SSL (Secure Sockets Layer) or TLS (Transport Layer Security) support. | ||
Technically, the maximum "legal" SSL buffer size is 16000, but it may be necessary to use a larger input buffer if there will be connections with SSL implementations that don't fully conform to the SSL specification. If an application tries to send an SSL packet larger than SSLIBSIZE to a Janus SSL port, the connection will be broken and an error written to the audit trail (MSIR.0386 SSL INPUT MESSAGE TOO LONG - INCREASE SSLBSIZE). The other side of the SSL connection will not receive this error message or any other indication of why the connection was broken. There will be no effect on other users on the same port. | Technically, the maximum "legal" SSL buffer size is 16000, but it may be necessary to use a larger input buffer if there will be connections with SSL implementations that don't fully conform to the SSL specification. If an application tries to send an SSL packet larger than SSLIBSIZE to a Janus SSL port, the connection will be broken and an error written to the audit trail (MSIR.0386 SSL INPUT MESSAGE TOO LONG - INCREASE SSLBSIZE). The other side of the SSL connection will not receive this error message or any other indication of why the connection was broken. There will be no effect on other users on the same port. |
Revision as of 00:02, 28 February 2012
<section begin="desc" />SSLIBSIZE xxxx -- input SSL Buffer size<section end="desc" />
SSLIBSIZE is a parameter on JANUS DEFINE, which defines and sets characteristics of a Janus port. See the List of JANUS DEFINE parameters.
This parameter specifies the size of the SSL input buffer to be used on SSL ports. An SSL port is a Janus port whose definition includes an SSL parameter, which indicates that communications on this port may be encrypted using Janus Network Security SSL (Secure Sockets Layer) or TLS (Transport Layer Security) support.
Technically, the maximum "legal" SSL buffer size is 16000, but it may be necessary to use a larger input buffer if there will be connections with SSL implementations that don't fully conform to the SSL specification. If an application tries to send an SSL packet larger than SSLIBSIZE to a Janus SSL port, the connection will be broken and an error written to the audit trail (MSIR.0386 SSL INPUT MESSAGE TOO LONG - INCREASE SSLBSIZE). The other side of the SSL connection will not receive this error message or any other indication of why the connection was broken. There will be no effect on other users on the same port.
The default for SSLIBSIZE is 4096, and the minimum and maximum allowable values are 1024 and 32767, respectively.
For WEBSERV ports that are used for file uploads (HTTP PUT or form-based uploads), it will probably be necessary to set SSLIBSIZE to at least 16000, because most browsers will send SSL packets that are as large as possible. For most other applications, the SSLIBSIZE default is probably sufficient, though web applications that POST very large forms might require a slight increase of SSLIBSIZE.
SSLIBSIZE is valid for SRVSOCK, WEBSERV, OPENSERV and SDS port types.
References
See: List of Janus commands | List of JANUS DEFINE parameters.