Listeners Properties

The Listeners tab lets you specify the TCP/IP and SSL properties (IP address and port) that StarPipes uses to listen for client connections.  You may choose to configure multiple listeners if require need both SSL and non-SSL connections, or if are you using a multi-homed server and desire to enable listeners for some but not all of the IP interfaces.

To create a new listener, Click the Add Button.  You will see the following dialog:

IP

Specify the IP address on which StarPipes should listen.

You can configure the listener to accept connections on all addresses by using an IP address of 0.0.0.0, or you can specify particular IP address(es) for which you want the listener to be active. For a multi-homed server, this allows you to limit which IP addresses on the computer are available for accepting connections. For example, for a computer that has an IP address for an Internet connection and an IP address for a local area network, you can listen for license requests only on the LAN IP address to avoid exposure from Internet connections.

TCP/IP Port

The TCP/IP Port specifies the number of the port that StarPipes monitors for incoming and outgoing DRDA messages. The port number must match the one used by the StarSQL ODBC data source or the StarSQL for Java URL on the client computer. Typical values are 446 for unencrypted communications and 448 for SSL.

Idle Timeout

Specifies the number of seconds that a connection may remain idle before the StarPipes process disconnects the socket. If you specify 0 or no value, connections remain active regardless of how long they are idle.

SSL/TLS

Select this checkbox to enable SSL communications for this listener.

You must install a StarPipes server certificate prior to creating an SSL listener - see Certificate Management.

The client computer must also be configured for SSL communications. For example:

• To configure StarSQL for Java for SSL, include both StarSQL_SSL14.jar and StarSQL_JDBC.jar in the CLASSPATH and include the ssl property in the URL (possible values are TLS, SSL, SSLv3, TLSv1). Here is a typical URL:

jdbc:StarSQL_JDBC://mystarpipes:448/MYRDB;ssl=TLS

• To configure StarPipes running on two different computers to communicate with each other via SSL, select the SSL radio button when configuring the Routing properties on the "client" StarPipes machine.

Select SSL/TLS options to define optional SSL parameters:

Protocol Version can be one of the following values. Note that only protocol versions supported by the version of Windows running on the machine hosting the StarPipes server are displayed in the dropdown menu.

• Negotiate (Default)

• SSL V2

• SSL V3

• TLS V1

• TLS V1 + 3DES

• TLS V1 + AES256

• TLS V1.2

• TLS V1.2 + AES256

Require Client Authentication: Require that a client certificate (issued by a Certificate Authority trusted by the computer running StarPipes) be installed on the client computer. see Certificate Management.

Require 128-bit encryption: Require that the client use 128-bit encryption.