1. Manuals
  2. Brands
  3. Novell Manuals
  4. Software
  5. IFOLDER 3.6 - SECURITY ADMINISTRATION
  6. Manual

Configuring A Cipher Suite To Use For Ssl/Tls; Installing Trusted Roots And Certifications On The Ifolder Server; Installing Server Certificates From A Known Certificate Authority; Section 2.6, "Configuring A Cipher Suite To Use For Ssl/Tls - Novell IFOLDER 3.6 - SECURITY ADMINISTRATION Manual

Hide thumbs Also See for IFOLDER 3.6 - SECURITY ADMINISTRATION:
Table of Contents

Advertisement

For information about disabling the SSL 2.0 protocol for the Apache server, see
SSL Cipher Suites for the Apache
For information about configuring strong SSL/TLS security solutions, see
Encryption: How-To (http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html)
site.
2.6 Configuring a Cipher Suite to Use for SSL/
TLS
To ensure strong encryption, we strongly recommend the following configuration for the Apache
server's SSL cipher suite settings:
Use only High and Medium security cipher suites, such as RC4 and RSA.
Remove from consideration any ciphers that do not authenticate, such as Anonymous Diffie-
Hellman (ADH) ciphers.
Disable the Low, Export, and Null cipher suites unless you need them for other applications.
Do not disable the Low and Export cipher suites if they are required by your customer base.
Individuals using older browsers (4-5 years old) and older versions of Windows*, such as
Windows 98 might still need those cipher suites for other services.
For information, see
"Configuring the SSL Cipher Suites for the Apache
Novell iFolder 3.6 Administration
For information about configuring strong SSL/TLS security solutions, see
Encryption: How-To (http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html)
site.
2.7 Installing Trusted Roots and Certifications on
the iFolder Server
You should manually install the trusted roots and the directory public key out-of-band. For
information, see
"Managing SSL Certificates for
Administration
Guide.
2.8 Installing Server Certificates from a Known
Certificate Authority
You should use valid certificates for both the Apache server and for communication between the
Simias server and the Simias client daemon. Simias is the technology underpinning your iFolder
server and client software. You should have the server public key signed by a known certificate
authority (CA). For information, see
Novell iFolder 3.6 Administration
Server".
Guide.
Apache" in the
"Generating an SSL Certificate for the
Guide.
"Configuring the
SSL/TLS Strong
on the Apache.org Web
Server" in the
SSL/TLS Strong
on the Apache.org Web
OES2: Novell iFolder 3.6
Server" in the
Security Best Practices for Novell iFolder 3.6
OES2:
OES2:
13

Advertisement

Table of Contents
loading

Related Manuals for Novell IFOLDER 3.6 - SECURITY ADMINISTRATION

Related Content for Novell IFOLDER 3.6 - SECURITY ADMINISTRATION

Table of Contents