Central Administration Server Options
Short | Long | Arguments | Description |
---|---|---|---|
-h | --help | Display a help message describing the command line parameters and options. | |
-d | --data | path | Specifies the working data directory. The Central Administration server stores its working data files in the
path given. This location must exist.
If this argument is not specified, the default is to store working data files in a directory called emsca_data within the current working directory. You can also configure the working directory by setting the system property or configuration file property named com.tibco.emsca.data.dir. If you run several distinct Central Administration servers, you must supply a unique path location for each server. |
-ht | --http | host:port | Specifies the HTTP user interface host and port. Browsers send graphic user interface requests (using the HTTP protocol) to this service. You may specify
host:port, or just
port.
If this argument is not present, the default is *:8080. Note that * implies all interfaces on the machine. When specifying the host and port on the command line, you must escape the argument if the * character is specified. For example, on Windows platforms: -ht "*:4545" This is a requirement for shell scripts determined by the operating system. You can also configure the HTTP interface by specifying the configuration property com.tibco.emsca.http.hostport. |
-c | --config | path | Points the Central Administration server to a file containing configuration properties. For more information see
Configuration File.
By default, the server looks for the file emsca.properties in the current directory. |
-j | --jaas | path | Configures the Central Administration server to configure security using the Java Authentication and Authorization Service (JAAS).
When present, the Central Administration server configures security using the JAAS configuration file at path. When absent, the server neither requires nor verifies credentials. You can also configure JAAS using the property com.tibco.emsca.jaas. For more information on JAAS security, see Configuration of JAAS Authentication. |
-ja | --jaas-admins | names | Replaces the default JAAS emsca-admin group with one or more admin group names. Administrators running Central Administration utility executables must be in one of these admin groups.
Group names should not contain spaces or commas. Specify multiple admin groups in a comma-separated list. This parameter can also be specified in a configuration file as the property com.tibco.emsca.jaas.admin.roles. |
-jg | --jaas-guests | names | Replaces the default
emsca-guest
group with one or more guest group names. JAAS guests can browse configurations, but are not able to modify, monitor, or deploy configurations.
Group names should not contain spaces or commas. Specify multiple guest groups in a comma-separated list. This parameter can also be specified in a configuration file as the property com.tibco.emsca.jaas.guest.roles. |
--concurrent-tasks | number | Specifies the number of concurrent deployment tasks that can be active at any one time during a deployment. Each deployment task implies a connection to an EMS server.
The number given should be greater than 0. If this argument is not present, the default is 10 concurrent tasks. You can also configure the concurrent deployments using the property com.tibco.emsca.concurrent.tasks. |
|
--keep-max-deployments | number | Specifies the maximum number of deployments to keep. If the number of deployments exceeds this number, the older deployments are removed.
Default is set to -1 (keep all deployments). This parameter can also be specified in a configuration file as the property com.tibco.emsca.max.deployments. |
|
--ssl-ciphers | string | Optional. Can be used if
--ems-ssl-identity or
--https-identity is provided.
Specifies the cipher suites to be used by SSL connections, either for the Central Administration server to connect to EMS servers using SSL or for accepting Web browser connections using the HTTPS protocol, or for both. The specified string must use the Java Client Syntax, as described in the . For example: -ALL:+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:+TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 This parameter can also be specified in a configuration file as the property com.tibco.ems.ssl.ciphers. |
|
Central Administration to EMS Server SSL Communication Options
These options specify SSL settings between Central Administration and EMS servers. When configured in Central Administration, the server uses SSL to communicate with the EMS server. Note that neither hosts nor hostnames are verified. |
|||
--ssl-policy | policy | Sets the SSL policy for the Central Administration server. This optional flag specifies the policy of iteration over the EMSCA Deployment Listens when communicating with an EMS server. Note that the Central Administration server only communicates with the EMS server using the EMSCA Deployment Listens specified on the
Server Properties page.
Valid policy settings are:
When absent, this option is set to ANY. You can also configure the SSL policy using the com.tibco.emsca.ssl.policy parameter. |
|
--ems-ssl-identity | path | Optional flag specifying the path to a certificate providing the identity of the Central Administration server to EMS servers. The identity certificate must include its private key.
If the --ems-ssl-identity option is provided and --ems-ssl-password is not, the login screen to the Central Administration web interface presents fields for username, password, and certificate password. This scenario is only supported when JAAS is configured. You can also include the identity by including the property com.tibco.ems.ssl.identity. For more information, see Configuration of SSL Connections with EMS Servers. |
|
--ems-ssl-password | string | Provides the SSL password associated with the private key or store set with the
--ems-ssl-identity flag. This setting is optional.
If the --ems-ssl-password option is provided with --ems-ssl-identity, the Central Administration server does not prompt for a certificate password. Note that providing a password on the command line is not recommended and may pose a security risk. Consider configuring this property using a configuration file. If you must provide the password on the command line or in a configuration file, use tibemsadmin -mangle to generate an obfuscated version first. You can include the password in a configuration file using the com.tibco.ems.ssl.password parameter. |
|
Central Administration to Web Browser HTTPS Communication Options
These options specify HTTPS settings between Central Administration and web browsers. When configured, the Central Administration server uses HTTPS to communicate with web browsers. |
|||
--https-identity | path | Optional flag specifying the path to a PKCS12 file or Java KeyStore that provides the identity of the Central Administration server to browsers. The file must include the certificate and the corresponding private key.
When present, starts the web server port using the HTTPS protocol instead of HTTP. The --https-identity option must be specified with the --https-password option. This parameter can also be specified in a configuration file as the property com.tibco.emsca.https.identity. |
|
--https-password | string | Optional flag specifying the password to the identity file specified through
--https-identity.
Note that providing a password on the command line is not recommended and may pose a security risk. Consider configuring this property using a configuration file. If you must provide the password on the command line or in a configuration file, use tibemsadmin -mangle to generate an obfuscated version first. This parameter can also be specified in a configuration file as the property com.tibco.emsca.https.password. |