Configuring the MF Directory Server to use TLS Protocols and Cipher Suites

To configure an MF Directory Server to force the use of a cipher suite list:

  1. Open the Enterprise Server Administration page.
  2. In the left pane under Configure, click Security.
  3. Click the MF Directory Server tab.
  4. Check Restrict administration access.
  5. In the Authenticated Client Sessions group, click Use encrypted connections.
  6. In the Secure Ports field, type a port number.
    • Check Use custom server ID certificates.
      This enables you to specify a certificate and keyfile.
      Note: If you do not specify a certificate and keyfile, MF Directory Server uses the default certificate and keyfile created when DemoCA was installed.
  7. Check TLS honor server cipher list to force clients to use the protocols and cipher suites specified in order of their priority.
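  8. In the TLS protocols field, type the list of protocols in order of priority, for example:
    -ALL+SSL3+TLS1
    Note: This example enables SSL 3.0 and TLS 1.0, both of which are formally deprecated (RFC 7568, RFC 8996); list only the protocol versions your clients require.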
  9. In the Cipher suites field, type the list of cipher suites in order of priority, for example:
    HIGH:!SSLv2:!RC4:!aNULL@STRENGTH
  10. Click OK.
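
Before entering a cipher suite string in step 9, it helps to see which suites it actually resolves to. The following is an added example, not part of the original procedure or the product: it assumes the Cipher suites field follows OpenSSL cipher-list syntax (which the sample string matches) and that the OpenSSL build behind Python's ssl module resolves the string the same way the server does. The function names are hypothetical.

```python
import ssl

# Cipher string from step 9 of the procedure above.
MFDS_CIPHER_STRING = "HIGH:!SSLv2:!RC4:!aNULL@STRENGTH"


def expand_cipher_string(cipher_string):
    """Return the suites the local OpenSSL build enables for cipher_string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError as exc:
        # Raised when the string selects no suite at all.
        raise ValueError(f"no usable suites for {cipher_string!r}") from exc
    return ctx.get_ciphers()


def audit(suites):
    """Return (suite name, reason) pairs for suites the string should exclude."""
    findings = []
    for suite in suites:
        if suite["auth"] == "auth-null":
            findings.append((suite["name"], "no server authentication (aNULL)"))
        if "RC4" in suite["name"]:
            findings.append((suite["name"], "RC4 stream cipher"))
    return findings


def strength_ordered(suites):
    """Check the @STRENGTH sort: key length must never increase down the list.

    TLS 1.3 suites are skipped because OpenSSL configures them separately
    from the cipher string and always lists them first.
    """
    bits = [s["strength_bits"] for s in suites if s["protocol"] != "TLSv1.3"]
    return bits == sorted(bits, reverse=True)


if __name__ == "__main__":
    suites = expand_cipher_string(MFDS_CIPHER_STRING)
    for s in suites:
        print(f'{s["protocol"]:8} {s["strength_bits"]:4} {s["name"]}')
    print("findings:", audit(suites) or "none")
    print("strength ordered:", strength_ordered(suites))
```

Run it on a host with the same OpenSSL version as the server where possible, since the set of suites behind keywords such as HIGH changes between OpenSSL releases.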

See MF Directory Server Security for more information on configuration options.