Users Guide
Service Parameter Action/Description
certificates in the chain
against CRLs
Lists (CRLs), select TRUE. Else, select FALSE.
ECDH Curve Select one of the following ECDHcurve (Elliptic Curve Diffie-Helman) options
from the drop-down list:
l X9.62/SECG curve over a 256-bit prime field
l NIST/SECG curve over a 384-bit prime field
Disable TLS 1.2 To disable Transport Layer Security 1.2 (TLS 1.2), select TRUE.
FALSE is the default setting—TLS 1.2 is enabled by default.
Check the validity of
intermediary certificates in
the chain using OCSP
To check the validity of intermediary certificates in the chain using OCSP, select
TRUE.
The defaOnline Certificate Status Protocolult is FALSE.
Maximum Number of AD
Authentication Processes
To specify the maximum number of Active Directory authentication processes,
enter a number between 1 and 5.
The default is 1.
Verify OCSP Signing Purpose Specify one of the following:
l TRUE: EAP-TLS authentication will fail unless the OCSP signing certificate
also has the OCSP signing purpose set.
l FALSE: The OCSP signing certificate does not need to have the OCSP signing
purpose set. This is default setting.
TLS Session Cache Limit Specify the number of TLS sessions to cache before purging the cache (used in
TLS based 802.1X EAP Methods).
The range is from 1,000 to 100,000. The default is 10,000.
Table 282: Service Parameters > RADIUS Server Service (Continued)
Stats Collection Service Options
The following figure displays the Service Parameters tab > Stats Collection Service parameters:
Figure 511: Stats Collection Service Parameters
Dell Networking W-ClearPass Policy Manager 6.6 | User Guide Administration | 521