System Administration IBM HTTP Server documentation

Setting and viewing cipher specifications

This section describes setting and viewing cipher specifications for secure transactions. Links to related topics appear at the end of this section.

For each virtual host, set the cipher specification to use during secure transactions. The specified cipher specifications validate against the level of the GSK toolkit installed on your system. Invalid cipher specifications cause an error to log in the error log. If the client issuing the request does not support the ciphers specified, the request fails and the connection closes to the client.

Specifying cipher specifications

  1. Specify a value for each virtual host stanza in the configuration file, on the SSLCipherSpec directive, as in the following examples:
    SSLCipherSpec short name
    

    or

    SSLCipherSpec long name
    

    where short name and long name represent the name of an SSL Version 2, or SSL Version 3 cipher specification.

  2. Save the configuration file and restart the server.

Viewing configured cipher specification

To see which cipher specifications the server uses for secure transactions, look at the informational messages in the error log.

  1. Specify to include informational messages in the error log by using the LogLevel directive in the configuration file:
    LogLevel info
    
  2. Look in the error log for messages in this format:
    TimeStamp info_message mod_ibm_ssl: Using Version 2|3 Cipher: long name|short name.
    

The order that the cipher specifications appear in the error log from top to bottom represents the attempted order of the cipher specifications.

 
Finding related information

     (Back to the top)