Configuring SSL protocol manually
You can authenticate, or transmit confidential material in unencrypted text over the network. Therefore, your login credentials and other confidential information can be intercepted and viewed by a third party. Unless you use the SSL protocol , an attacker can intercept session management information and potentially hijack the session.
To enable (configure) the SSL protocol manually, use the following instructions:
For Windows and Linux
- Open the http.conf file from Apache web server, and uncomment the following strings:
LoadModule ssl_module modules/mod_ssl.so - Add the following strings at the end of the file:
Windows:
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:C:/RLM_SSL/apache-server//logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLEngine on
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateKeyFile "C:\temp\key.der"
SSLCertificateFile "C:\temp\cert.der"
SSLPassPhraseDialog "exec:C:/RLM_SSL/apache-server//conf/passphrase-script.bat"
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
Linux:
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache " shmcb:/tmp/ssl_scache(512000) "
SSLSessionCacheTimeout 300
SSLEngine on
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateKeyFile "/tmp/test/key.der
SSLCertificateFile "/tmp/test/cert.der"
SSLPassPhraseDialog " exec:/opt/bmc/RLM_SSL/apache-server//conf/passphrase-script
"
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
key.der, cert.der—your generated certification files
Was this page helpful? Yes No
Submitting...
Thank you
Comments
Log in or register to comment.