iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Configuration Directives
iTP Secure WebServer System Administrator’s Guide—522659-001
A-8
AcceptSecureTransport
-nossl
-nosslv2
-nosslv3
-nopct
Use the -nossl, -nosslv2, -nosslv3, or -nopct option to disallow SSL or
PCT requests, respectively. By default, both SSL and PCT requests are accepted.
The -nopct option in mandatory in WebSafe2 configurations because WebSafe2
units do not support the PCT protocol.
Table A-3
describes the actions that the iTP Secure WebServer takes based on the
type of SSL client-hello response message that can be received along with the
configuration options set. For additional information about the
HTTPS_PROTOCOL_VERSION CGI environment variable setting listed in this
table, see Table 8-1, Environment Variables, on page 8-11.
Table A-3. WebServer Actions Based on SSL Version
Client-Hello
Message
Configuration:
SSL 2.0 Only
(-nosslv3)
Configuration:
SSL 3.0 Only
(-nosslv2)
Configuration:
Both SSL 2.0
and SSL 3.0
SSL 2.0
Client-Hello
with SSL 2.0
Connection is
allowed.
Negotiated protocol
will be SSL 2.0.
HTTPS_
PROTOCOL_
VERSION
is set to 2.
Connection is
refused.
Error messages are
logged to the error
and extended log
files.
Connection is
allowed.
Negotiated protocol
will be SSL 2.0.
HTTPS_
PROTOCOL_
VERSION
is set to 2.
SSL 2.0
Client-Hello
with SSL 3.0
Connection is
allowed.
Negotiated protocol
will be SSL 2.0.
HTTPS_
PROTOCOL_
VERSION
is set to 2.
Connection is
allowed.
Negotiated protocol
will be SSL 3.0.
HTTPS_
PROTOCOL_
VERSION
is set to 3.
Connection is
allowed.
Negotiated protocol
will be SSL 3.0.
HTTPS_
PROTOCOL_
VERSION
is set to 3.
SSL 3.0 Connection is
refused.
Error messages are
logged to the error
and extended log
files.
Connection is
allowed.
Negotiated protocol
will be SSL 3.0.
HTTPS_
PROTOCOL_
VERSION
is set to 3.
Connection is
allowed.
Negotiated protocol
will be SSL 3.0.
HTTPS_
PROTOCOL_
VERSION
is set to 3.