Certain Directory Server properties can take multiple values. The syntax to specify these values is as follows:
$ dsconf set-container-prop -h host -p port container-name \ property:value1 property:value2 |
For example, to set multiple encryption ciphers for a server, use the following command:
$ dsconf set-server-prop -h host1 -p 1389 ssl-cipher-family:SSL_RSA_WITH_RC4_128_MD5 \ ssl-cipher-family:SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA |
To add a value to a multi-valued property that already contains values, use the following syntax:
$ dsconf set-container-prop -h host -p port container-name property+:value |
To remove a value from a multi-valued property that already contains values, use the following syntax:
$ dsconf set-container-prop -h host -p port container-name property-:value |
For example, in the scenario described previously, to add the SHA encryption cipher to the list of ciphers, run this command:
$ dsconf set-server-prop -h host1 -p 1389 \ ssl-cipher-family+:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA |
To remove the MD5 cipher from the list, run this command:
$ dsconf set-server-prop -h host1 -p 1389 ssl-cipher-family-:SSL_RSA_WITH_RC4_128_MD5 |