Brief description of the SSL directives discussed in this
document
Listen
Tells the IBM HTTP Server what port to use for secure communication. The
standard port is 443. This directive is set in the Global Scope.
SSLEnable
Enables this virtualhost for secure communication
SSLClientAuth None
Indicates that client authentication is disabled. This means that the
client browser is not required to pass a client certificate during the
handshake. Most sites do not require client authentication. To enable
client authentication, use the SSLClientAuth Require directive.
SSLDisable
In the Global Scope; indicates SSL is disabled outside the virtualhost.
KeyFile
In the Global Scope; points to the key database file that contains the
personal server certificates required by the browser during an SSL
handshake. Refer to Step 2 in this technote.
SSLV2Timeout
Sets the timeout for SSL Version 2 session IDs
SSLV3Timeout
Sets the timeout for SSL Version 3 session IDs
SSLServerCert
Specifies the labelname of the certificate in the key database file that
must be passed to the client browser during an SSL handshake. This is
useful and required when you have multiple certificates stored in the key
database file along with multiple SSL virtualhosts.
SSLCipherSpec
Used to limit which cipher the site allows during an SSL handshake.
Browsers that do not provide the allowed cipher are denied access to the
requested resource.
SSLCipherRequire
Most often used within a directory and/or location stanza to allow access
to specific content, only if the corresponding cipher is used. Browsers
that do not provide the allowed cipher are denied access to the requested
resource. You can also use SSLCipherBan directives.
For a complete list of available SSL directives: