Sample configuration

This section provides a sample configuration using typical security settings where all daemons share one certificate.

# in ego.conf on master and management host(s), add: 
EGO_TRANSPORT_SECURITY=SSL 
EGO_KD_TS_PORT=32779 (user has to define port number here) 
EGO_DEFAULT_TS_PARAMS="SSL[CERTIFICATE=/etc/.../newcert.pem,CIPHER=EDH-RSA-DES-CBC3- 
SHA,PRIVATE_KEY=/etc/.../newkey.pem]" 
EGO_CLIENT_TS_PARAMS="SSL[CIPHER=EDH-RSA-DES-CBC3-SHA,CAFILE=/etc/.../ 
demoCA/cacert.pem,SERVER_AUTH={myCN}]" 
# in ego.conf on client host(s), add: 
EGO_TRANSPORT_SECURITY=SSL 
EGO_KD_TS_PORT=32779 (user has to define port number here) 
EGO_CLIENT_TS_PARAMS="SSL[CIPHER=EDH-RSA-DES-CBC3-SHA,CAFILE=/etc/.../ 
demoCA/cacert.pem,SERVER_AUTH={myCN}]" 
# in the <ego:ContainerSpecification> section in sd.xml on master/master-failover 
# host(s), add: 
<ego:EnvironmentVariable name="SD_SDK_TRANSPORT">TCPIPv4SSL</ego:EnvironmentVariable>
<ego:EnvironmentVariable name="SD_SDK_TRANSPORT_ARG">$EGO_DEFAULT_TS_PARAMS</ego:EnvironmentVariable>
<ego:EnvironmentVariable name="SSM_SDK_TRANSPORT">TCPIPv4SSL</ego:EnvironmentVariable>
<ego:EnvironmentVariable name="SSM_SDK_TRANSPORT_ARG">$EGO_DEFAULT_TS_PARAMS</ego:EnvironmentVariable>
<ego:EnvironmentVariable name="SDK_TRANSPORT">TCPIPv4SSL</ego:EnvironmentVariable>
<ego:EnvironmentVariable name="SDK_TRANSPORT_ARG">$EGO_CLIENT_TS_PARAMS</ego:EnvironmentVariable>