服务端证书配置好后,需要重启 IDS 服务来生效。
VPCLASS encrypt,num=1
NETTYPE onsocssl,1,150,CPU
ol_gbase8s onsocssl 127.0.0.1 10603
[config]
GBS_TYPE=gbasessl
[ol_gbase8s]
server=ol_gbase8s
client=ids1_client
[ol_gbase8s]
TLSCACertificateFile=/opt/gbase8s/ids_cfg/security/GBASECA.pem
TLSCertificateFile=/opt/gbase8s/ids_cfg/security/GBase8s.pem
TLSCertificateKeyFile=/opt/gbase8s/ids_cfg/security/GBase8s.key
TLSCertificateKeyFilePasswd=
TLSVerifyCert=verify
[ids1_client]
TLSCACertificateFile=/opt/gbase8s/ids_cfg/security/GBASECA.pem
TLSCertificateFile=/opt/gbase8s/ids_cfg/security/root.pem
TLSCertificateKeyFile=/opt/gbase8s/ids_cfg/security/root.key
TLSCertificateKeyFilePasswd=
TLSVerifyCert=verify
GBase 8s 安全技术指南
南大通用数据技术股份有限公司
- 23 -
7 备份与恢复