security_level

A digit from 1 through 4. These levels are described in Security levels.

bindir

Absolute path to a subdirectory containing the dynamically loaded security binary modules. For example:
C:\Program Files\BMC Software\Control-M Server\ctm_server\exe

bindir64

bindir for 64-bit computer. For example: C:\Program Files\BMC Software\Control-M Server\ctm_server\exe

sksdir

Absolute path to a Security KeyStore read/write subdirectory where Control‑M encrypted keys are stored. For example: C:\Program Files\BMC Software\Control-M Server\ctm_server\data\SSL\cert

securitydir

Absolute path to read only subdirectory where *.kdb key databases and key material files are stored. For example:

C:\Program Files\BMC Software\Control-M Server\ctm_server\data\SSL\cert

password

Encrypted password (generated by the bmcryptpw utility), followed by a comma, followed by the absolute path of the keymaterial file (used for 3 DES key computation). Embedded blanks are not allowed.

keyfile

Absolute path of the key database file. For example:

C:\Program Files\BMC Software\Control-M Server\ctm_server\data\SSL\cert\ctmkeystore.p12

identity

Key pair label in a key database.

Valid values:

• CADN
• CODN
• NSDN
• AGDN

logdir

Absolute path to subdirectory containing the log file. For example:

C:\Program Files\BMC Software\Control-M Server\ctm_server\data\SSL\log

loglevel

One or more of the following values separated by commas:
ERROR WARNING INFO TRACE

logfile

Log file (path and) name. For example:

gtw_ssl.log

provider_options

Determines SSL protocol(s) that will be used and cipher(s) that will be used for each protocol.

EXAMPLE:

provider_options=SSLProtocol=TLS1_2,TLSCipherSuite =<ciphers list>

provider_options=SSLProtocol=TLS1,SSLV3CipherSuite =<ciphers list>

provider_options=SSLProtocol=SSLv3,SSLV3CipherSuite =<ciphers list>

NOTE: All ciphers with SHA256 can be used only with TLS1_2 protocol.