Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual page 177

<VirtualHost _default_:7889>
#   Enable/Disable SSL for this virtual host.
NSSEngine on
#   List the ciphers that the client is permitted to negotiate.
NSSCipherSuite -des,-desede3,-rc2,-rc2export,-rc4,-rc4export,+rsa_3des_sha,-rsa_des_56_sha,+rsa_des_sha,-rsa_null_md5,-rsa_null_sha,-rsa_rc2_40_md5,+rsa_rc4_128_md5,-rsa_rc4_128_sha,-rsa_rc4_40_md5,-rsa_rc4_56_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-fips_des_sha,+fips_3des_sha,-rsa_aes_128_sha,-rsa_aes_256_sha,+ecdhe_ecdsa_aes_256_sha
NSSProtocol SSLv3,TLSv1
#   SSL Certificate Nickname:
NSSNickname "Server-Cert cert-pki-tps"
#   Server Certificate Database:
NSSCertificateDatabase /var/lib/pki-tps/alias
#   Client Authentication (Type):
NSSVerifyClient require
</VirtualHost>
Example 5.1. Excerpt SSL Configuration for Port 7889
The SSL configuration for port 7890 is the same as that for port 7889, with one exception: the
NSSVerifyClient directive is set to none. This means that client authentication is not required to
connect to that port.
<VirtualHost _default_:7890>
#   SSL Engine Switch:
NSSEngine on
#   SSL Cipher Suite:
NSSCipherSuite -des,-desede3,-rc2,-rc2export,-rc4,-rc4export,+rsa_3des_sha,-rsa_des_56_sha,+rsa_des_sha,-rsa_null_md5,-rsa_null_sha,-rsa_rc2_40_md5,+rsa_rc4_128_md5,-rsa_rc4_128_sha,-rsa_rc4_40_md5,-rsa_rc4_56_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-fips_des_sha,+fips_3des_sha,-rsa_aes_128_sha,-rsa_aes_256_sha,+ecdhe_ecdsa_aes_256_sha
NSSProtocol SSLv3,TLSv1
#   SSL Certificate Nickname:
NSSNickname "Server-Cert cert-pki-tps"
#   Server Certificate Database:
NSSCertificateDatabase /var/lib/pki-tps/alias
#   Client Authentication (Type):
NSSVerifyClient none
</VirtualHost>
Example 5.2. Excerpt SSL Configuration for Port 7890
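The following is an added example, not part of the Red Hat manual: a Python audit helper that parses virtual host blocks shaped like Examples 5.1 and 5.2 and reports, per port, whether client authentication is required and which suites the long +/- NSSCipherSuite list actually enables. The sample configuration is constructed from the two excerpts; the function name audit_nss_vhosts and the defaults used for missing directives are assumptions of this example.

```python
import re

# Constructed sample: the directive values shown in Examples 5.1 and 5.2.
CIPHERS = (
    "-des,-desede3,-rc2,-rc2export,-rc4,-rc4export,+rsa_3des_sha,-rsa_des_56_sha,"
    "+rsa_des_sha,-rsa_null_md5,-rsa_null_sha,-rsa_rc2_40_md5,+rsa_rc4_128_md5,"
    "-rsa_rc4_128_sha,-rsa_rc4_40_md5,-rsa_rc4_56_sha,-fortezza,-fortezza_rc4_128_sha,"
    "-fortezza_null,-fips_des_sha,+fips_3des_sha,-rsa_aes_128_sha,-rsa_aes_256_sha,"
    "+ecdhe_ecdsa_aes_256_sha"
)
VHOST = """<VirtualHost _default_:{port}>
#   SSL Engine Switch:
NSSEngine on
NSSCipherSuite {ciphers}
NSSProtocol SSLv3,TLSv1
NSSNickname "Server-Cert cert-pki-tps"
NSSCertificateDatabase /var/lib/pki-tps/alias
NSSVerifyClient {verify}
</VirtualHost>
"""
SAMPLE_CONF = (VHOST.format(port=7889, ciphers=CIPHERS, verify="require")
               + VHOST.format(port=7890, ciphers=CIPHERS, verify="none"))

VHOST_RE = re.compile(r"<VirtualHost\s+\S*?:(\d+)>(.*?)</VirtualHost>", re.S | re.I)

def audit_nss_vhosts(conf_text):
    """Return {port: summary} for every <VirtualHost> block in conf_text."""
    report = {}
    for port, body in VHOST_RE.findall(conf_text):
        directives = {}
        for line in body.splitlines():
            parts = line.split(None, 1)
            if not parts or parts[0].startswith("#"):
                continue  # skip blank lines and comments
            value = parts[1].strip().strip('"') if len(parts) > 1 else ""
            directives[parts[0].lower()] = value
        suites = [s.strip() for s in directives.get("nssciphersuite", "").split(",")]
        report[int(port)] = {
            # Missing directives are treated as "off"/"none" (assumption of this example).
            "ssl_on": directives.get("nssengine", "off").lower() == "on",
            "client_auth_required": directives.get("nssverifyclient", "none").lower() == "require",
            "enabled_ciphers": [s[1:] for s in suites if s.startswith("+")],
            "protocols": [p for p in directives.get("nssprotocol", "").split(",") if p],
        }
    return report

if __name__ == "__main__":
    for port, info in sorted(audit_nss_vhosts(SAMPLE_CONF).items()):
        print(port, info)
```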
5.7.1.2. Configuring the Enterprise Security Client to Use SSL
While the TPS listens by default over secure ports, the Enterprise Security Client uses standard ports.
The Enterprise Security Client configuration must be updated to use the secure ports.