Setting and viewing cipher specifications

This section describes setting and viewing cipher specifications for secure transactions. Links to related topics appear at the end of this section.

• Specifying cipher specifications
• Viewing configured cipher specifications
• Finding related information

For each virtual host, set the cipher specification to use during secure transactions. The specified cipher specifications validate against the level of the GSK toolkit installed on your system. Invalid cipher specifications cause an error to log in the error log. If the client issuing the request does not support the ciphers specified, the request fails and the connection closes to the client.

Specifying cipher specifications

1. Specify a value for each virtual host stanza in the configuration file, on the SSLCipherSpec directive, as in the following examples:

   SSLCipherSpec shortname
   

   or

   SSLCipherSpec longname
   

   where shortname and longname represent the name of an SSL Version 2, or SSL Version 3 cipher specification.

2. Save the configuration file and restart the server.

Viewing configured cipher specification

To see which cipher specifications the server uses for secure transactions, look at the informational messages in the error log.

1. Specify to include informational messages in the error log by using the LogLevel directive in the configuration file:

   LogLevel info
   

2. Look in the error log for messages in this format:

   TimeStamp info_message mod_ibm_ssl: Using Version 2|3 Cipher: longname|shortname.
   

The order that the cipher specifications appear in the error log from top to bottom represents the attempted order of the cipher specifications.

     (Back to the top)