iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

311

312

313

314

315

316

317

318

319

320

Configuration Directives

iTP Secure WebServer System Administrator’s Guide—522659-001

A-12

AccessLog

To deny all global clients and provide no encryption:

set cipherList {

DES-CBC3-SHA1

DES-CBC-SHA1

RC4-MD5

RC-SHA1

RC2-CBC-SHA1

RC2-CBC-MD5

DES-CBC3-MD5

DES-CBC-MD5

}

AcceptSecureTransport -transport /G/ZTC0 -cert {DN=....}\

-ciphers $cipherList

To allow only ciphers that a global server can configure:

set globalCiphers {

EXP-RC4-MD5

EXP-RC2-CBC-MD5

EXP-RC4-SHA1

EXP-RC2-CBC-SHA1

}

AcceptSecureTransport -transport /G/ZTC0 -cert {DN=....}\

-ciphers $globalCiphers

To deny access to the RC4 global cipher:

Region /* {

if {$HTTPS_CIPHER == "EXP-RC4-MD5"} {

Deny

}

AccessLog

Syntax

AccessLog pathname

Description

You set the AccessLog directive to the pathname of the server access log file. This log

file records information about client requests, structuring the information in a format

commonly used by other HTTP server software. For further information about this

format, see Appendix C, Server Log File Formats

. For information about recording

access information in a different format, see ExtendedLog on page A-18.

Only one AccessLog directive is allowed in the configuration file.