Administration guide > Configure the deployment environment > Configuring clients

Client properties file

Sample client properties file

Use the file that is in the wxs_home/properties directory to create the properties file.

Client properties file

You can specify the client properties file in one of the following ways. Specifying a setting by using one of the items later in the list overrides the previous setting. For example, if you specify a system property value for the client properties file, the properties in that file override the values in the file that is in the class path.

  1. As a well-named file anywhere in the class path. Putting this file in the system current directory is not supported:

  2. As a system property in either a stand-alone or WAS configuration.†This value can specify a file in the system current directory, but not a file in the class path:


  3. As a programmatic override using the ClientClusterContext.getClientProperties method. The data in the object is populated with the data from the properties files. You cannot configure security properties with this method.

Client properties

[v7.1 and later] listenerHost

Host name to which the ORB binds.

For a multiple network card configuration, set the listener host and port to let the Object Request Broker in the JVM know the IP address on which to bind. For the client, use the client properties file. If you do not specify which IP address to use, the following problems might occur: connection timeouts, unusual API failures, and clients that seem to hang.

[v7.1 and later] listenerPort

Port number to which the ORB binds.


This property is not currently used. It is reserved for future use.


This property is not currently used. It is reserved for future use.


List of preferred routing zones. Each specified zone is separated by a comma in the form: preferZones=ZoneA,ZoneB,ZoneC

Default: no value


How long to retry a request (in milliseconds). Use one of the following valid values:

  • A value of 0 indicates that the request should fail fast and skip over the internal retry logic.

  • A value of -1 indicates that the request retry timeout is not set, meaning that the request duration is governed by the transaction timeout. (Default)

  • A value over 0 indicates the request entry timeout value in milliseconds. Exceptions that cannot succeed even if tried again such as a DuplicateException exception are returned immediately. The transaction timeout is still used as the maximum time to wait.

Security client properties


Enables WebSphere eXtreme Scale client security. This setting should match with the securityEnabled setting in theWebSphere eXtreme Scale server properties file. If the settings do not match, an exception results.

Default: false

Credential authentication configuration properties


Client credential authentication support. Use one of the following valid values:

Never The client does not support credential authentication.
Supported The client supports credential authentication if the server also supports credential authentication. (Default)
Required The client requires credential authentication.


Number of times that authentication is tried if the credential is expired. If the value is set to 0, attempts to authenticate are not tried again.

Default: 3


Name of the class that implements the interface. This class is used to get credentials for clients.

Default: no value


Properties for the CredentialGenerator implementation class. The properties are set to the object with the setProperties(String) method. The credentialGeneratorprops value is used only if the value of the credentialGeneratorClass property is not null.

Transport layer security configuration properties


Client transport type. The possible values are:

TCP/IP Indicates that the client only supports TCP/IP connections.
SSL-Supported Indicates that the client supports both TCP/IP and Secure Sockets Layer (SSL) connections. (Default)
SSL-Required †Indicates that the client requires SSL connections.

SSL configuration properties


Alias name in the keystore. This property is used if the keystore has multiple key pair certificates and to select one of the certificates.

Default: no value


Name of the context provider for the trust service. If you indicate a value that is not valid, a security exception results that indicates that the context provider type is incorrect.

Valid values: IBMJSSE2, IBMJSSE, IBMJSSEFIPS, and so on.


Indicates the type of security protocol to use for the client. Set this protocol value based on which Java Secure Socket Extension (JSSE) provider you use. If you indicate a value that is not valid, a security exception results that indicates that the protocol value is incorrect.

Valid values: SSL, SSLv2, SSLv3, TLS, TLSv1, and so on.


Indicates the type of keystore. If you indicate a value that is not valid, a runtime security exception occurs.

Valid values: JKS, JCEK, PKCS12, and so on.


Indicates the type of truststore. If you indicate a value that is not valid, a runtime security exception results.

Valid values: JKS, JCEK, PKCS12, and so on.


Fully qualified path to the keystore file.




Fully qualified path to the truststore file.




String password to the keystore. You can encode this value or use the actual value.


String password to the truststore. You can encode this value or use the actual value.

Parent topic:

Configure clients

Related concepts

Configure clients with WebSphere eXtreme Scale
Enable the client invalidation mechanism
Plan for network ports
Security integration with external providers

Related tasks

Configure request retry timeout values
Stop secure servers
Stop stand-alone servers
Configure SSL parameters for clients or servers

Related information

ClientSecurityConfigurationFactory class


Search Tips   |   Advanced Search