How to Change Setting for CM HTTPD?
You can edit text file conf/cm_httpd.conf(conf/cm_ext.conf in CUBRID 9.2.0 or later) in order to configure the CUBRID Manager httpd service. Note that if any configuration is changed, CUBRID Manager Service must be restarted. Refer to Start/Stop CUBRID Manager.
User Permissions Setting
- user user <group>. Default: nobody; If the master process is run as root, then cub_cmhttpd will setuid()/setgid() to USER/GROUP. If GROUP is not specified, then cub_cmhttpd uses the same name as USER. By default it's nobody user.
HTTP Server Parameter Setting
- client_max_body_size size. Default: 1024m; Specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length.
- keepalive_timeout timeout <header_timeout>. Default: 65; The first parameter assigns the timeout for keep-alive connections with the client. The server will close connections after this time. The second optional parameter assigns the time value in the header Keep-Alive: timeout=time of the response. This header can convince some browsers to close the connection, so that the server does not have to. Without this parameter, httpd does not send a Keep-Alive header (though this is not what makes a connection "keep-alive").
- listen port. Default: 8282; Specifies the host port to listen httpd request and work for CWM web app.
- ssl on / off. Default: on; Enable or disable SSL/HTTPS on the server.
- ssl_certificate fileName. Default: cm_httpd.crt; This directive specifies the file containing the certificate, in PEM format, for this virtual host. This file can contain also other certificates and the server private key.
- ssl_certificate_key fileName. Default: cm_httpd.key; This directive specifies the file containing the private key, in PEM format, for this virtual host.
- ssl_session_timeout time. Default: 60m; This directive defines the maximum time during which the client can re-use the previously negotiated cryptographic parameters of the secure session that is stored in the SSL cache.
- ssl_protocols <SSLv2> <SSLv3> <TLSv1> <TLSv1.1> <TLSv1.2>. Default: SSLv2 SSLv3 TLSv1; This directive specifies the SSL protocol versions enabled.
- ssl_ciphers ciphers. Default: HIGH:!aNULL:!MD5; This directive describes the list of cipher suites the server supports for establishing a secure connection. Cipher suites are specified in the OpenSSL cipherlist format.
- ssl_prefer_server_ciphers on / off. Default: on; The server requires that the cipher suite list for protocols SSLv3 and TLSv1 are to be preferred over the client supported cipher suite list.