Red Hat Directory Server 8.0 Administrator's Guide
TIP
To find out what the Administration Server user ID is, run grep in the
Administration Server configuration directory:
cd /etc/dirsrv/admin-serv
grep \^User console.conf
3. In the /etc/dirsrv/admin-serv directory, edit the nss.conf file to point to the location of
the new password file.
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
NSSPassPhraseDialog file://etc/dirsrv/admin-serv/password.conf
4. Restart the Administration Server.
2
service dirsrv-admin restart
5. Setting Security Preferences
The Directory Server supported several different ciphers, and the type of ciphers to use for
TLS/SSL communications are set by the user. A cipher is the algorithm used in encryption.
Some ciphers are more secure, or stronger, than others. Generally speaking, the more bits a
cipher uses during encryption, the more difficult it is to decrypt the key.
When a client initiates an TLS/SSL connection with a server, the client tells the server what
ciphers it prefers to use to encrypt information. In any two-way encryption process, both parties
must use the same ciphers. There are a number of ciphers available. The server needs to be
able to use the ciphers that will be used by client applications connecting to the server.
5.1. Available Ciphers
This section lists information about the available ciphers for Directory Server encryption. Each
cipher has the following information:
• Directory Server name. The name of the cipher suite used when configuring the Directory
Server. The Directory Server uses this name both internally and in the Directory Server
Chapter 11. Managing SSL
412