CONSOLE
CONSOLE is the LightWave Client Console process, which supports the administrative and management user interface for LightWave Client.
Starting the Process
The CONSOLE process is started by running the CONSOLE program from TACL.
tacl > run CONSOLE / run-options / command-line-options
The "--filesystem" and "--console-ports" command-line-options are required. All others are optional.
You should be logged-on as a user with sufficient privileges to access the system resources that the process requires.
run-options
The standard TACL run options. The 'CPU' option is recommended if the -backupcpu command-line-option is specified. The NOWAIT option is recommended. The TERM option is also recommended if started from a dynamic terminal device. The IN and OUT options are ignored.
command-line-options
@<command-file>
Reads command line options from <command-file>. Options specified on the command line override any duplicates specified in the file. At most, one '@' option may used. The file itself cannot contain an '@' option (i.e., no nesting).
--backupcpu <cpu-number>
Specifies the number of the CPU in which the LightWave Console process should run its backup process. It must not be the same as the primary CPU. If omitted, no backup process is started.
--console-ports <port-specification> [ <port-specification> ] ...
Specifies a list of TCP/IP ports that the process should listen on for browser connections. <port-specification> has the following form:
- [<tcpip-process>:]<port-number>[:<certificate-name>]
where:
- <tcpip-process> - The NonStop TCP/IP process to use for this port. If omitted, the value of the define =TCPIP^PROCESS^NAME is used if it exists, otherwise $ZTC0.
- <port-number> - The TCP/IP port to listen on, 0-65535. Port numbers 0-1023 can only be used if run by a member of the SUPER group.
- <certificate-name> - The CN value of the X509 certificate to use for this port. If specified, the port will use HTTPS protocol.
Multiple port specifications are separated by spaces. This option is required. See Certificate Management for information about installing server certificates.
--filesystem <subvolume-spec>
The location ($volume.subvolume) that contains the LightWave Client File System. If omitted, the default (current) subvolume is searched, then the installation subvolume (containing the CONSOLE program file) is searched. Note that there is a one-to-one correspondence between each Console process and a given filesystem; filesystems may not be shared among multiple instances of a Console. Refer to CUTILITY for information about creating the filesystem.
--license <file-name>
The name of an existing edit file containing the LightWave Client product license. If this option is omitted, the license file is located according to Product Licensing rules.
--log [ { <destination> | * } [ level [ format ] ] | +<log-config-file> ]
Specifies the process log location, the level, and the log event format, or the location of a log configuration file. The destination value may be a process name, a file name, or the asterisk (*) character. If the asterisk is used then the log output is directed to the home term of the process. The level value may be "error", "warning", "info", or "debug" and controls the type of information that is output to the log destination. The "error" level produces the least output while the "debug" level produces the most output. The format value may be "text" indicating that the log events should be output as text strings or "event" indicating that the log events should be output in EMS event format. If omitted, the default is "--log * info text". See Using Configuration Files for information about logging configuration files.
--sts-max-age <seconds>
Enables the Strict-Transport-Security header and specifies the max-age value in seconds. If omitted, the header is not returned in Console responses.
--tls-cipher-list <cipher-name-list> | +<cipher-list-file>
Specifies the list of ciphers to be used for TLS connections. The cipher list may be specified as a string containing a list of ciphers or an EDIT file containing a list of ciphers. Cipher names are specified using OpenSSL format. For more information on OpenSSL ciphers to OpenSSL Ciphers.
--tls-disable-v1.0
Disables TLS v1.0 connections to the console. If omitted, TLS v1.0 connections are allowed. Deprecated: use --tls-protocols
--tls-disable-v1.1
Disables TLS v1.1 connections to the console. If omitted, TLS v1.1 connections are allowed. Deprecated: use --tls-protocols
--tls-protocols [ TLSv1 ] [ TLSv1.1 ] [ TLSv1.2 ] [ TLSv1.3 ]
Specifies the list of protocols that should be available for TLS connections. If omittied, the default value is "TLSv1.2 TLSv1.3".
Examples
Start the Console process as a process pair in CPU 0 and 1. The Console may be accessed on port 8080 using HTTP or port 8443 using HTTPS. This example assumes that a server certificate with Common Name lightwave.example.com
has already been installed.
tacl> run console / name $LWCON, cpu 0 / --backupcpu 1 --console-ports $ztc0:8080 $ztc0:8443:lightwave.example.com