Scheduler conf/texis.ini Section

This section of conf/texis.ini controls the Vortex script scheduler (see the Texis Web Script manual for more details on the Vortex scheduler). Vortex scheduling was added in version 3.01.985400000 Mar 23 2001. In version 6 and later, the schedule server can also accept <vxcp applylicense> requests to update the license; see the [License Update] section for settings in addition to these.

BindAddress

  The IP address to bind the Vortex script schedule/license server (in the Texis Monitor) to. This defaults to 127.0.0.1 so that only the local host can schedule scripts, or apply licenses via <vxcp applylicense> (though note that the password-protected Webinator GUI, which uses applylicense, is accessible remotely). If this address is not the loopback interface (no external network routing), a different one can be set to allow Vortex scripts to be scheduled. Note: this should not be set to an IP address accessible from outside the machine, for security.

Port

The TCP port to bind the Vortex script schedule server (in the Texis Monitor) to. Defaults to 10005. A different port can be set if this conflicts with existing servers. If SSL Engine is set to on, the default is 10006 instead, since the server will be listening for HTTPS not HTTP requests.

Run Level

Sets the run level for the Vortex script schedule server. It is an integer value whose bits mean the following: bit 0 is whether to run the schedule server at all (it can be turned off if desired to disable new schedules), bit 1 is whether to exit the Texis Monitor on startup if the schedule server encounters an error (e.g. can't bind to port). Normally a scheduler startup error allows the Texis Monitor to continue due to the importance of other services it provides. See also this setting in the [Monitor] section.

Verbose

Issue certain trace/debug messages for the Vortex script scheduler. Added in version 5.01.1257469000 20091105. It is a bit-wise OR integer value of the following flags:

• 0x1: Job-start messages

• 0x2: Job exit messages

• 0x4: Job scheduling messages

• 0x8: Job un-scheduling messages

Bit flags 0x2, 0x4, 0x8 were added in version 6.00.1282172000 20100818.

Job Mutex

Windows only: name of mutex for job arbitration. Defaults to NULL, i.e. use an internal server-only mutex. Generally changed only at request of tech support.

Job Mutex Timeout

Windows only: job mutex timeout value, in seconds. Defaults to 1.0. Can be INFINITE for no timeout (not recommended). Generally changed only at request of tech support. Added in version 5.01.1257457000 20091105.

New Job Event

Windows only: name of event for new job triggers. Defaults to NULL, i.e. use an internal server-only event. Generally changed only at request of tech support.

Texis

The path to the Vortex executable to run scheduled Vortex scripts. Defaults to texis.exe in the install directory under Windows, or bin/texis in the install directory under Unix.

SSL Engine

Whether to use secure sockets (SSL) for incoming <schedule>/ GUI-license-update connections. One of three values:

• off: Listen for HTTP requests, do not use SSL. None of the following SSL settings are used.

• optional: Listen for HTTP requests, but upgrade to SSL if client agrees via Upgrade header.

• on: Listen for HTTPS requests (use SSL).

The default is optional if [License Update] User is set (here), off if unset. This provides HTTP back-compatibility for Vortex <schedule> requests and security for <vxcp applylicense> requests. If set to on, the default Port value becomes 10006 instead of 10005, to avoid protocol confusion (much like HTTP and HTTPS have different ports). Added in version 6. If there is a problem initializing the SSL layer, an error such as "SSL disabled for schedule/license server due to previous errors" may result in monitor.log, after other errors (e.g. failed to load certificate): the server will continue to run, but as if SSL Engine was off. See also the [License Update] Require Secure setting, here.

 

SSL Pass Phrase Dialog

How to prompt for passwords when needed for loading password-protected certificate keys for the <schedule>/GUI-license-update server. Can be:

• off: Do not prompt; password-protected keys will not be loaded.

• builtin: Use the built-in prompter: ask for password at Texis Monitor startup. This requires that the monitor be started interactively, i.e. from the command line.

The default is off, so that the monitor may always start unimpeded, even from the command line when password prompting might be possible. See the equivalent setting in the monitor web server section - [Httpd] SSL Pass Phrase Dialog (here) - for more details.

 

SSL Certificate File

The path to the SSL server certificate file (in PEM format) to use for the <schedule>/GUI-license-update server. The default is %INSTALLDIR%/conf/ssl/certs/licensemonitor.cert.

Note that the certificate file, if it exists, is usually a self-signed certificate created automatically by the Texis/Webinator installer, since the schedule server typically is bound to the local host only (see BindAddress here), and in any event only serves <schedule> / <vxcp applylicense> requests, not public Web requests. See the equivalent setting in the monitor web server section - [Httpd] SSL Certificate File (here) - for more details.

SSL Certificate Key File

The path to the SSL certificate private key file (in PEM format) that corresponds to the SSL Certificate File certificate. The scheduler SSL certificate key is usually created automatically by the Texis/Webinator installer. The default is unset (note that in versions prior to 6.00.1317693000 20111003, the default was %INSTALLDIR%/conf/ssl/keys/licensemonitor.key). See the equivalent setting in the monitor web server section - [Httpd] SSL Certificate Key File (here) - for more details.

SSL Certificate Chain File

Optional path to <schedule>/GUI-license-update server certificate's CA (certificate authority) chain file, PEM format. For the <schedule>/GUI-license-update server, a CA chain file is usually not needed, as the Texis/Webinator installer-created certificate is self-signed, and no web browsers contact the server. The default is unset. See the equivalent setting in the monitor web server section - [Httpd] SSL Certificate Chain File (here) - for more details.

SSL CA Certificate File

Optional file with trusted CA certificates (PEM format), used by <schedule>/GUI-license-update server for authentication of clients. This setting is usually left unset and SSL authentication of clients not performed, as the <schedule>/GUI-license-update server is usually accessible only locally, and higher-level protocols perform authentication. The default is unset. See the equivalent setting in the monitor web server section - [Httpd] SSL CA Certificate File (here) - for more details.

SSL CA DN Request File

Optional file with CA certificates (PEM format) whose names are sent to the client when the client certificate is requested by the <schedule>/GUI-license-update server, during authentication of clients (see SSL Verify Client). This setting is usually left unset and SSL authentication of clients not performed, as the <schedule>/GUI-license-update server is usually accessible only locally, and higher-level protocols perform authentication. The default is unset. See the equivalent setting in the monitor web server section - [Httpd] SSL CA DN Request File (here) - for more details.

SSL Verify Client

Whether the <schedule>/GUI-license-update server should authenticate SSL clients. This setting is usually left unset and SSL authentication of clients not performed, as the <schedule>/GUI-license-update server is usually accessible only locally, and higher-level protocols perform authentication. The default is off. See the equivalent setting in the monitor web server section - [Httpd] SSL Verify Client (here) - for more details.

SSL Protocol

Which SSL protocols to use when SSL is active for <schedule>/GUI-license-update server. One or more of the space-separated protocols SSLv2, SSLv3, TLSv1 or all for all protocols. Each protocol may be prefixed with + to add the protocol to the enabled list, - to remove, or = to set (enable just this protocol). The default is all -SSLv2, i.e. enable all protocols except SSL/2.0. Added in version 6.

Trace Requests

Enable debug tracing of <schedule>/GUI-license-update server requests to monitor.log. This is an integer combination of the following bit flags to determine what is logged (same format as <urlcp verbose>):

bit 0

- Responses read

bit 1

- Requests sent

bit 2

- Headers read

bit 3

- Headers sent

The default is 0, i.e. no logging. Generally only set at the request of tech support. Added in version 5.01.1184720000 20070717.

Trace Auth

Enable debug tracing of <schedule>/GUI-license-update server authorization in requests. This is an integer combination of bit flags in the same format as the Vortex <urlcp traceauth> setting. Generally only set at the request of tech support. Added in version 5.01.1184720000 20070717.

Max Conn Requests

Maximum number of requests to service on a Keep-Alive connection to the <schedule>/GUI-license-update server. The default is 2 to allow SSL Engine = optional security-upgrade connections to function. This value should be kept to a minimum to conserve resources in the monitor. -1 is unlimited. Added in version 6.

Max Conn Lifetime

Maximum lifetime of a Keep-Alive connection to the <schedule>/GUI-license-update server, in seconds. The default is 5. This value should be kept to a minimum to conserve resources in the monitor. -1 is unlimited. Added in version 6.

Max Conn Idle Time

Maximum idle (not-in-use) time of a Keep-Alive connection to the <schedule>/GUI-license-update server, in seconds. The default is 3. This value should be kept to a minimum to conserve resources in the monitor. -1 is unlimited. Added in version 6.