Table of Contents
Advertisement
Setting Security Preferences
When a client initiates an SSL connection with a server, the client tells the server
what ciphers it prefers to use to encrypt information. In any two-way encryption
process, both parties must use the same ciphers. There are a number of ciphers
available. Your server needs to be able to use the ciphers that will be used by client
applications connecting to the server.
Directory Server provides the following SSL 3.0 ciphers:
•
RC4 cipher with 40-bit encryption and MD5 message authentication.
•
RC2 cipher with 40-bit encryption and MD5 message authentication.
•
No encryption, only MD5 message authentication.
•
DES with 56-bit encryption and SHA message authentication.
•
RC4 cipher with 128-bit encryption and MD5 message authentication.
•
Triple DES with 168-bit encryption and SHA message authentication.
•
FIPS DES with 56-bit encryption and SHA message authentication. This cipher
meets the FIPS 140-1 U.S. government standard for implementations of
cryptographic modules.
•
FIPS Triple DES with 168-bit encryption and SHA message authentication. This
cipher meets the FIPS 140-1 US government standard for implementations of
cryptographic modules.
To select the ciphers you want the server to use:
Make sure SSL is enabled for your server.
1.
For information, see "Activating SSL," on page 387.
On the Directory Server Console, select the Configuration tab and then select
2.
the topmost entry in the navigation tree in the left pane.
Select the Encryption tab in the right pane.
3.
This displays the current server encryption settings.
Click Cipher Settings.
4.
The Cipher Preference dialog box is displayed.
In theCipher Preference dialog box, specify which ciphers you want your
5.
server to use by selecting them from the list, and click OK.
Unless you have a security reason to not use a specific cipher, you should select
all of the ciphers, except for
On the Encryption tab, click Save.
6.
390
Netscape Directory Server Administrator's Guide • August 2002
.
none,MD5
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE DIRECTORY SERVER 6.1 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.0
- Netscape NETSCAPE DIRECTORY SERVER 6.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - GATEWAY CUSTOMIZATION
- Netscape ENTERPRISE SERVER 6.0