Setting Security Preferences - Netscape DIRECTORY SERVER 6.02 - ADMINISTRATOR Administrator's Manual

If you want Netscape Console to use SSL during communications with
10.
Directory Server, select Use SSL in Netscape Console.
Click Save.
11.
Restart the Directory Server.
12.
See "Starting the Server with SSL Enabled," on page 36 for more information.

Setting Security Preferences

You can choose the type of ciphers you want to use for SSL communications. A
cipher is the algorithm used in encryption. Some ciphers are more secure or stronger
than others. Generally speaking, the more bits a cipher uses during encryption, the
more difficult it is to decrypt the key. For a more complete discussion of algorithms
and their strength, see Managing Servers with Netscape Console.
When a client initiates an SSL connection with a server, the client tells the server
what ciphers it prefers to use to encrypt information. In any two-way encryption
process, both parties must use the same ciphers. There are a number of ciphers
available. Your server needs to be able to use the ciphers that will be used by client
applications connecting to the server.
Directory Server provides the following SSL 3.0 ciphers:
• RC4 cipher with 40-bit encryption and MD5 message authentication.
• RC2 cipher with 40-bit encryption and MD5 message authentication.
• No encryption, only MD5 message authentication.
• DES with 56-bit encryption and SHA message authentication.
• RC4 cipher with 128-bit encryption and MD5 message authentication.
• Triple DES with 168-bit encryption and SHA message authentication.
• FIPS DES with 56-bit encryption and SHA message authentication. This cipher
meets the FIPS 140-1 U.S. government standard for implementations of
cryptographic modules.
• FIPS Triple DES with 168-bit encryption and SHA message authentication. This
cipher meets the FIPS 140-1 US government standard for implementations of
cryptographic modules.
Setting Security Preferences
Chapter 11 Managing SSL 383