Setting Multi-Valued Properties With dsconf (Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide)

Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide

Setting Multi-Valued Properties With `dsconf`

Certain Directory Server properties can take multiple values. The syntax to specify these values is as follows:

$ dsconf set-container-prop -h host -p port container-name \
 property:value1 property:value2

For example, to set multiple encryption ciphers for a server, use the following command:

$ dsconf set-server-prop -h host1 -p 1389 ssl-cipher-family:SSL_RSA_WITH_RC4_128_MD5 \
 ssl-cipher-family:SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA

If you add or modify a value for a multi-valued property that already contains values, you must reset all the values. For example, in the scenario described previously, if you want to add an encryption cipher, you must include all the other encryption ciphers in the command:

$ dsconf set-server-prop -h host1 -p 1389 ssl-cipher-family:SSL_RSA_WITH_RC4_128_MD5 \
 ssl-cipher-family:SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA \
 ssl-cipher-family:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

The same rule applies if you want to remove a value. So, to remove the MD5 cipher from the list in the previous example, run the following command:

$ dsconf set-server-prop -h host1 -p 1389 ssl-cipher-family:SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA \
 ssl-cipher-family:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA