iTP Secure WebServer System Administrators Guide (Version 7.5+)
Examples of Secure Transport Protocol Support (Port 4430)
• To accept SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 connections:
AcceptSecureTransport -transport /G/ZTC0 -cert {CN=...}
• To accept SSL 3.0 and TLS 1.1 connections:
AcceptSecureTransport -transport /G/ZTC0 -cert {CN=...}
-notls1.0 -notls1.2
• To accept SSL 3.0 and TLS 1.0 connections:
AcceptSecureTransport -transport /G/ZTC0 -cert {CN=...}
-notls1.1 -notls1.2
• To accept SSL 3.0 and TLS 1.2 connections:
AcceptSecureTransport -transport /G/ZTC0 -cert {CN=...}
-notls1.1 -notls1.0
• To accept TLS 1.0 and TLS 1.1 connections:
AcceptSecureTransport -transport /G/ZTC0 -cert {CN=...}
-nossl
• To accept only SSL connections:
AcceptSecureTransport -transport /G/ZTC0 -cert {CN=...}\
-notls1.0 -notls1.1 -notls1.2
or
AcceptSecureTransport -transport /G/ZTC0 -cert {CN=...}
-notls
Examples of Cipher Support
To allow only Triple AES:
AcceptSecureTransport -transport /G/ZTC0 -cert {DN=...}\
-port 4433 -ciphers {AES_256_CBC AES_128_CBC}
# To allow all SSLv3 ciphers:
set SSLv3_CipherList {
AES_256_CBC
AES_128_CBC
RC4_128
3DES_CBC
}
AcceptSecureTransport -transport /G/ZTC0 -cert {DN=....}
-ciphers $SSLv3_CipherList
# To allow all supported ciphers:
set cipherList {
CAMELLIA_256_CBC
CAMELLIA_128_CBC
AES_256_CBC
AES_128_CBC
RC4_128
3DES_CBC
}
AcceptSecureTransport -transport /G/ZTC0 -cert {DN=....}\
-ciphers $cipherList
Examples of hashAlgorithm Support
To allow only SHA1 and SHA256 cryptography hashing algorithms:
AcceptSecureTransport -transport /G/ZTC0 -cert {DN=...}\
-port 4433 -hashAlgorithm {SHA1 SHA256}
To allow all the supported cryptography hashing algorithms:
AcceptSecureTransport 205