389-admin-console 1.1.8-2 / usr / share / dirsrv / manual / en / admin / help / configure_administration_server_encryption.html

<p class="topic">
Configure Administration Server - Encryption
</p>

<p class="text">
Use this dialog box to enable Secure Sockets Layer (SSL) encryption.
</p>
<p class="text">
<b>Enable SSL for this server.</b> Select this option if you want to secure this server with Secure Sockets Layer (SSL) encryption. All other SSL encryption options listed here become available to you only when you enable SSL by checking this box.
</p>
<p class="text">
<b>Use this cipher family.</b> When you enable SSL encryption, the cipher families available to you are listed here. The internal security device supports only the RSA cipher family.
</p>
<p class="text">
<b>Security Device.</b> Choose internal (software) if the key is stored in the local key database. All other choices on this list are available only if you are using an external module.
</p>
<p class="text">
<b>Certificate.</b> Choose a server certificate to use with this server.
</p>
<p class="text">
<b>Settings. </b>Click this button to modify cipher settings for the certificate you selected above.
</p>
<p class="text">
<b>Disable Client Authentication.</b> Select this option if you do not want this server instance to perform client authentication.
</p>
<p class="text">
<b>Require Client Authentication.</b> Select this option if you want this server instance to require client authentication during the SSL handshake.
</p>
<p class="text">
If you select this option, each administrator will be prompted for a certificate when logging in via the Management Console. This ensures system security because all administrators must present acceptable certificates before they can perform management tasks. Even if an intruder obtains a user name and password, he or she will need to present a valid certificate (one issued by a trusted CA) to gain access to your enterprise.
</p>