You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2014/11/23 06:53:12 UTC
[jira] [Commented] (DIRSERVER-2024) Add some configuration for the
list of supported TLS protocol
[ https://issues.apache.org/jira/browse/DIRSERVER-2024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14222323#comment-14222323 ]
Emmanuel Lecharny commented on DIRSERVER-2024:
----------------------------------------------
There are a few parameters that can be passed to MINA :
- the list of enabled Ciphers
- the list of enabled protocols
- the client auth flag, either 'need' or 'want'
We need four MAY attributes ({{ads-enabledProtocol}}, {{ads-enabledCipher}}, {{ads-wantClientAuth}}, {{ads-needClientAuth}})
, and we have to augment the {{ads-transport}} objectClass :
{code}
version: 1
dn: m-oid=1.3.6.1.4.1.18060.0.4.1.3.18,ou=objectClasses,cn=adsconfig,ou=schema
m-oid: 1.3.6.1.4.1.18060.0.4.1.3.18
m-name: ads-transport
m-description: A transport (TCP or UDP)
objectclass: top
objectclass: metaTop
objectclass: metaObjectClass
m-supobjectclass: ads-base
m-typeobjectclass: ABSTRACT
m-must: ads-transportId
m-must: ads-systemPort
m-must: ads-transportAddress
m-may: ads-transportBacklog
m-may: ads-transportEnableSSL
m-may: ads-transportNbThreads
m-may: ads-enabledProtocol
m-may: ads-enabledCipher
m-may: ads-wantClientAuth
m-may: ads-needClientAuth
creatorsname: uid=admin,ou=system
{code}
> Add some configuration for the list of supported TLS protocol
> -------------------------------------------------------------
>
> Key: DIRSERVER-2024
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2024
> Project: Directory ApacheDS
> Issue Type: Task
> Affects Versions: 2.0.0-M19
> Reporter: Emmanuel Lecharny
> Fix For: 2.0.0-M20
>
>
> We should add some element in the configuration to propagate the list of supported security parameters in the SslEngine
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)