Number of sockets in the accept buffer.

Default: 256

Defines a HTTP or SSL port for the standalone server.

Attribute	Meaning
id	http identifier name
host	The listening host
port	The listening port
virtual-host	Virtual host to select a host block.
ssl	enable ssl
ssl2	enable SSLv2	true
ssl3	enable SSLv3	true
tls1	enable TLSv1	true
key-store-type	JSSE Type of the key store (default jks)
key-store-file	JSSE File containing the certificates
key-store-password	JSSE Password to read the certificates
certificate-chain-file	OpenSSL certificate chain (Resin 2.1.4)
certificate-file	OpenSSL certificate (Resin 2.0.5)
certificate-key-file	OpenSSL key certificate (Resin 2.0.5)
certificate-key-password	OpenSSL key password (Resin 2.1.1)
crypto-device	OpenSSL engine (Resin 2.0.5)
thread-max	Maximum number of live threads.	200
thread-min	Minimum number of live threads.	5
thread-keepalive	Number of keepalive threads	100
request-timeout	Max time for a request, after this the request will be interrupted.	65 sec
listen	Value of the socket listen parameter	5
accept-buffer-size	Number of sockets in the accept buffer.	256
shutdown-wait-time	How long to wait for connections to finish before exiting.	10 sec.

Basic HTTP configuration

<caucho.com> <http-server> <http port='8080'> ... </http-server> </caucho.com>

JSSE configuration

<caucho.com> <http-server> <http port='8443'> <ssl>true</ssl> <key-store-type>pkcs12</key-store-type> <key-store-file>keys/server.p12</key-store-file> <key-store-password>changeit</key-store-password> </http> ... </http-server> </caucho.com>

For load balancing, how long the server should treat a dead server as dead before retrying it.

Default: Defaults to 5 sec.

Specifies an interface for the http or srun to listen to. In cases where the server should not listen at all interfaces on a multihomed host, the <host> tag will restrict Resin to listen to one interface.

Default: listen to all interfaces.

For load balancing, how long the server should keep an idle srun connection open before closing it. <live-time> must be less than <request-timeout>.

Default: Defaults to 10 sec.

Specifies the port the http or srun should listen to. Most HTTP web servers listen to port 80.

Time in seconds for a connection to timeout. An idle client uses a TCP connection until it quits. request-timeout limits the time taken up by idle clients.

Default: Defaults to 65 sec.

Configures a custom protocol server. Some specialized application may have a custom protocol, like IMAP, which need to be integrated with the Resin server. These ports can be configured with the <server> configuration.

The <request-factory> class implements com.caucho.server.RequestFactory and creates request objects of type com.caucho.server.Request. Each Request will handle the protocol on the given socket.

<caucho.com> <http-server> <server id='a' port='9999'> <request-factory>com.trecorp.server.MyServer</request-factory> <init-param foo='bar'/> </server> ... </http-server> </caucho.com>

Defines multiple client machines for load balancing. This directive used by the web server (Apache or IIS) and by the Java portion of Resin.

Each srun directive adds a new client to receive load balanced requests. With Resin 1.2, the resin.conf must have at least one <srun> or <http> element.

Attribute	Meaning	Default
id	srun identifier name.	none
host	The host name of the client srun.	all interfaces
port	The port name of the client srun.	none
connect-timeout	How long to wait for a connection from the web server to the Resin srun before giving up.	30 sec
live-time	How long the web-server/srun connection should stay live.	10 sec
dead-time	How long before checking that a srun has come back up.	5 sec
timeout	How long the load balancing server should wait for a response.	30 sec
thread-max	Maximum number of live threads.	200
thread-min	Minimum number of live threads.	5
thread-keepalive	Number of keepalive threads	100
request-timeout	Max time for a request, after this the request will be interrupted.	65 sec
listen	Value of the socket listen parameter	5
accept-buffer-size	Number of sockets in the accept buffer.	256
shutdown-wait-time	How long to wait for connections to finish before exiting.	10 sec.

Load balance over three machines

<caucho.com> <http-server> <srun id='a' host='host1.caucho.com' port='6802'> <srun id='b' host='host2.caucho.com' port='6802'> <srun id='c' host='host2.caucho.com' port='6803'> </http-server> </caucho.com>

To start srun 'a' use a command line like

unix> srun.sh -server a Resin 2.1.0 srun listening to host1.caucho.com:6802

On Unix, when starting a daemon, you'll need to specify a unique pid file.

unix> srun.sh -server a -pid a.pid start

Defines backup client machines for load balancing. This directive is only picked up by the load balancer. The Java portion of Resin treats a <srun-backup> like any other srun. Normally, <srun-backup> is only used when each web server has a primary <srun> in preference to other <srun> JVMs. See the load-balancing section for more information.

Attribute	Meaning	Default
id	srun identifier name	none
host	The host name of the client srun	all interfaces
port	The port name of the client srun	none
connect-timeout	How long to wait for a connection from the web server to the Resin srun before giving up.	30 sec
live-time	How long a keepalive connection will remain alive before closing.	5 sec.
dead-time	How long to treat a non-responding srun before trying again.	5 sec.
shutdown-wait-time	How long to wait for connections to finish before exiting.	10 sec.

Flags a http or srun to use SSL.

Resin supports SSL with either JSSE or OpenSSL on Unix systems. We generally recommend using ssl="openssl" since it's faster and more stable.

Resin's OpenSSL uses the same certificates as Apache, so you can either reuse your Apache certificate or get a new certificate using the instructions for getting an Apache certificate.

If you have OpenSSL-engine and Resin 2.0.5, you can enable SSL engines using the crypto-device tag. If the JNI libraries are available, Resin will use OpenSSL's C-based implementation.

Attribute	Meaning
ssl	enable ssl ="jsse" or ="openssl"
key-store-type	JSSE Type of the key store (default jks)
key-store-file	JSSE File containing the certificates
key-store-password	JSSE Password to read the certificates
certificate-chain-file	OpenSSL certificate chain (Resin 2.1.4)
certificate-file	OpenSSL certificate (Resin 2.0.5)
certificate-key-file	OpenSSL key certificate (Resin 2.0.5)
crypto-device	OpenSSL engine (Resin 2.0.5)

<http-server> ... <http port='443'> <ssl>openssl</ssl> <certificate-file>/opt/resin/keys/cert.pem</certificate-file> <crypto-device>cswift</crypto-device> </http> ... </http-server>

Enables or disables SSL v2 for a SSL port. If sslv2 is false, clients trying to use SSL v2 will fail.

Default: true.

Enables or disables SSL v3 for a SSL port. If sslv3 is false, clients trying to use SSL v3 will fail.

Default: true.

Sets the tcpNoDelay for received sockets.

Default: true.

Enables or disables TLS v1 for a SSL port. If tlsv1 is false, clients trying to use TLS v1 will fail.

Default: true.

Configures how SSL should treat client certificates.

verify-client values

Value	Meaning
none	Do not use client certificates
require	Require a client certificate
optional	Use the client certificate if provided, but require any provided certificate to be signed by a known CA.
optional_no_ca	Use the client certificate if provided and accept certificates not signed by known CAs.

Default: none.