Sun Java System Web Server 6.1 SP12 Administrator's Configuration File Reference

SSLPARAMS

Defines SSL (Secure Socket Layer) parameters.

Subelements

None

Attributes

The following table describes attributes for the SSLPARAMS element.

Table 2–8 SSLPARAMS Attributes

Attribute  

Default  

Description  

servercertnickname

Server-Cert

The nickname of the server certificate in the certificate database or the PKCS#11 token. In the certificate, the name format is tokenname:nickname. Including the tokenname: part of the name in this attribute is optional.

ssl2

false

(Optional) Determines whether SSL2 is enabled. Legal values are on, off, yes, no, 1, 0, true, and false. If both SSL2 and SSL3 are enabled for a virtual server, the server tries SSL3 encryption first. If that fails, the server tries SSL2 encryption.

ssl2ciphers

none 

(Optional) A space-separated list of the SSL2 ciphers used, with the prefix + to enable or - to disable. For example +rc4. Allowed values are rc4, rc4export, rc2, rc2export, idea, des, desede3.

ssl3

true

(optional) Determines whether SSL3 is enabled. Legal values are on, off, yes, no, 1, 0, true and false. If both SSL2 and SSL3 are enabled for a virtual server, the server tries SSL3 encryption first. If that fails, the server tries SSL2 encryption.

ssl3tlsciphers

none 

(optional) A space-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +rsa_des_sha. Allowed SSL3 values are rsa_rc4_128_md5, rsa_3des_sha, rsa_des_sha, rsa_rc4_40_md5, rsa_rc2_40_md5, rsa_null_md5. Allowed TLS values are rsa_des_56_sha, rsa_rc4_56_sha.

tls

true

(optional) Determines whether TLS is enabled. Legal values are on, off, yes, no, 1, 0, true, and false.

tlsrollback

true

(optional) Determines whether TLS rollback is enabled. Legal values are on, off, yes, no, 1, 0, true, and false. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5.

clientauth

false

(optional) Determines whether SSL3 client authentication is performed on every request, independent of ACL-based access control. Legal values are on, off, yes, no, 1, 0, true, and false.