iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Configuration Directives
iTP Secure WebServer System Administrator’s Guide—523346-002
A-12
Examples of Cipher Support
RC4-MD5
RC2-CBC-MD5
DES-CBC3-MD5
DES-CBC-MD5
EXP-RC4-MD5
EXP-RC2-CBC-MD5
EXP-RC4-SHA1
EXP-RC2-CBC-SHA1
}
AcceptSecureTransport -transport /G/ZTC0 -cert {DN=....}\
-ciphers $cipherList
#
To deny all global clients and provide no encryption:
set cipherList {
DES-CBC3-SHA1
DES-CBC-SHA1
RC4-MD5
RC-SHA1
RC2-CBC-SHA1
RC2-CBC-MD5
DES-CBC3-MD5
DES-CBC-MD5
}
AcceptSecureTransport -transport /G/ZTC0 -cert {DN=....}\
-ciphers $cipherList
#
To allow only ciphers that a global server can configure:
#
set globalCiphers {
EXP-RC4-MD5
EXP-RC2-CBC-MD5
EXP-RC4-SHA1
EXP-RC2-CBC-SHA1
}
AcceptSecureTransport -transport /G/ZTC0 -cert {DN=....}\
-ciphers $globalCiphers
#
To deny access to the RC4 global cipher:
#
Region /* {
if {$HTTPS_CIPHER == "EXP-RC4-MD5"} {
Deny
}
}