Red Hat Directory Server 8.0 Configuration, Command, and File Reference

on the changelog, see Section 3.2.1, “nsslapd-changelogdir”.

The server has to be restarted for changes to this attribute to go into effect.

Parameter Description

Entry DN cn=changelog5,cn=config

Valid Range 0 (meaning that the only maximum limit is the

disk size) to maximum 32-bit integer

(2147483647)

Default Value 0

Syntax Integer

Example nsslapd-changelogmaxentries: 5000

3.3. cn=encryption

Encryption related attributes are stored under the cn=encryption,cn=config entry. The

cn=encryption,cn=config entry is an instance of the nsslapdEncryptionConfig object

class.

3.3.1. nssslsessiontimeout

This attribute sets the lifetime duration of a TLS/SSL. The minimum timeout value is 5 seconds.

If a smaller value is set, then it is automatically replaced by 5 seconds. A value greater than the

maximum value in the valid range below is replaced by the maximum value in the range.

The server has to be restarted for changes to this attribute to go into effect.

Parameter Description

Entry DN cn=encryption, cn=config

Valid Range 5 seconds to 24 hours

Default Value 0, which means use the maximum value in

the valid range above.

Syntax Integer

Example nssslsessiontimeout: 5

3.3.2. nssslclientauth

This attribute sets how clients may use certificates to authenticate to the Directory Server for

SSL connections.

The server has to be restarted for changes to this attribute to go into effect.

cn=encryption