Nssslsessiontimeout, Nssslclientauth, Nsssl2 – Red Hat 8.1 User Manual

Page 60: Nsssl3, Nsssl3ciphers

Advertising
background image

2.3.3.1. nsSSLSessionTimeout

This attribute sets the lifetime duration of a TLS/SSL. The minimum timeout value is 5 seconds. If a
smaller value is set, then it is automatically replaced by 5 seconds. A value greater than the maximum
value in the valid range below is replaced by the maximum value in the range.

The server has to be restarted for changes to this attribute to go into effect.

Parameter

Description

Entry DN

cn=encryption, cn=config

Valid Range

5 seconds to 24 hours

Default Value

0, which means use the maximum value in the
valid range above.

Syntax

Integer

Example

nsSSLSessionTimeout: 5

2.3.3.2. nsSSLclientauth

This attribute sets how clients may use certificates to authenticate to the Directory Server for SSL
connections.

The server has to be restarted for changes to this attribute to go into effect.

Parameter

Description

Entry DN

cn=encryption, cn=config

Valid Values

off | allowed | required

off means disallow certificate-based
authentication

allowed means clients may use certificates or
other forms of authentication

required means clients must use certificates for
authentication

Default Value

allowed

Syntax

DirectoryString

Example

nsSSLclientauth: allowed

2.3.3.3. nsSSL2

Supports SSL version 2. SSLv2 is deprecated, and Red Hat strongly discourages using it.

The server has to be restarted for changes to this attribute to go into effect.

Parameter

Description

Entry DN

cn=encryption, cn=config

Valid Values

on | off

Default Value

off

Syntax

DirectoryString

Example

nsSSL2: off

2.3.3.4 . nsSSL3

Supports SSL version 3.

The server has to be restarted for changes to this attribute to go into effect.

Parameter

Description

Entry DN

cn=encryption, cn=config

Valid Values

on | off

Default Value

on

Syntax

DirectoryString

Example

nsSSL3: on

2.3.3.5. nsSSL3ciphers

This multi-valued attribute specifies the set of encryption ciphers the Directory Server uses during SSL
communications. For more information on the ciphers supported by the Directory Server, see the
"Managing SSL" chapter in the Directory Server Administrator's Guide.

60

Chapter 2. Core Server Configuration Reference

Advertising
Popular Brands
Popular manuals