Table of Contents
Advertisement
SSLCARevocationPath
Revocation Lists (CRLs) are stored. These CRLs come from the CAs (Certificate
Authorities) that you accept certificates from. If a client attempts to authenticate
itself with a certificate that is on one of these CRLs, then the certificate is revoked
and the client cannot authenticate itself with your server.
Category
Value
Syntax
SSLCARevocationPath path/to/CRL_directory/
Example
SSLCARevocationPath /ORACLE_HOME/Apache/conf/ssl.crl/
Default
None
Context
server configuration, virtual host
Specifies the SSL
SSLCipherSuite
SSL handshake. This directive uses a colon-separated cipher specification string to
identify the cipher suite.
describe the cipher suite you want.
Tags are joined together with prefixes to form cipher specification string.
Category
Value
Valid Values
none: Adds the cipher to the list
+ : Adds the cipher to the list and place them in the correct location in the
list
- : Remove the cipher from the list (can be added later)
! : Remove the cipher from the list permanently
Example
SSLCipherSuite ALL:!LOW:!DH
In this example, all ciphers are specified except low strength ciphers and
those using the
Syntax
SSLCipherSuite cipher-spec
Default
None
Context
server configuration, virtual host, directory
Security Services Implemented Within Oracle HTTP Server
Specifies the directory where PEM-encoded Certificate
cipher suite
Table 8–3
shows the tags you can use in the string to
Diffie-Hellman key negotiation algorithm
that the client can use during the
Managing Security 8-15
.
Advertisement
Table of Contents
Need help?
Do you have a question about the HTTP Server B12255-01 and is the answer not in the manual?