Chapter 2. Core Server Configuration Reference
74
2.3.3.1. nsSSLSessionTimeout
This attribute sets the lifetime duration of a TLS/SSL. The minimum timeout value is
5
seconds. If a
smaller value is set, then it is automatically replaced by
5
seconds. A value greater than the maximum
value in the valid range below is replaced by the maximum value in the range.
The server has to be restarted for changes to this attribute to go into effect.
Parameter
Description
Entry DN
cn=encryption, cn=config
Valid Range
5 seconds to 24 hours
Default Value
0, which means use the maximum value in the
valid range above.
Syntax
Integer
Example
nsSSLSessionTimeout: 5
2.3.3.2. nsSSLclientauth
This attribute sets how clients may use certificates to authenticate to the Directory Server for SSL
connections.
The server has to be restarted for changes to this attribute to go into effect.
Parameter
Description
Entry DN
cn=encryption, cn=config
Valid Values
off | allowed | required
off
means disallow certificate-based
authentication
allowed
means clients may use certificates or
other forms of authentication
required
means clients must use certificates for
authentication
Default Value
allowed
Syntax
DirectoryString
Example
nsSSLclientauth: allowed
2.3.3.3. nsSSL2
Supports SSL version 2. SSLv2 is deprecated, and Red Hat strongly discourages using it.
The server has to be restarted for changes to this attribute to go into effect.
Parameter
Description
Entry DN
cn=encryption, cn=config
Valid Values
on | off
Default Value
off
Syntax
DirectoryString
Содержание 8.1
Страница 8: ...viii ...
Страница 14: ...xiv ...
Страница 16: ...2 ...
Страница 250: ...236 ...
Страница 334: ...320 ...
Страница 372: ...358 ...