Red Hat Directory Server 8.0 Configuration, Command, and File Reference
This multi-valued attribute specifies the set of encryption ciphers the Directory Server uses
during SSL communications. For more information on the ciphers supported by the Directory
Server, see the "Managing SSL" chapter in the Directory Server Administrator's Guide.
Parameter Description
Entry DN cn=encryption, cn=config
Valid Values
For SSLv3:
• rsa_null_md5
• rsa_rc4_128_md5
• rsa_rc4_40_md5
• rsa_rc2_40_md5
• rsa_des_sha
• rsa_fips_des_sha
• rsa_3des_sha
• rsa_fips_3des_sha
For TLS:
• tls_rsa_export1024_with_rc4_56_sha
• tls_rsa_export1024_with_des_cbc_sha
Default Value
Syntax
DirectoryString
Use the plus (+) symbol to enable or minus
(-) symbol to disable, followed by the ciphers.
Blank spaces are not allowed in the list of
ciphers.
To enable all ciphers — except
rsa_null_md5, which must be specifically
called — specify +all.
Example nsslapd-SSL3ciphers:
+RSA_NULL_MD5,+RC4_56_SHA,-RC4_56_SHA
For more information, see the "Managing SSL" chapter in the Directory Server Administrator's
cn=encryption
77