ssl-enabled

This stanza entry specifies whether the Security Verify Access server uses SSL to communicate with the LDAP server.

Syntax

ssl-enabled = {yes|true|no|false}

Description

Specification of whether the Security Verify Access server uses SSL to communicate with the LDAP server. The value for each Security Verify Access server can be different, depending on how that server was configured. If this value is set to yes and Federal Information Processing Standards (FIPS) mode is enabled (ssl-compliance=yes), LDAP uses whatever secure communication protocol it chooses for FIPS enablement.

If you specify that the authorization API (aznAPI) should use SSL to communicate with the LDAP server, you must enable SSL using this stanza entry.

If you enable SSL communication, you must specify an SSL key file name and, if there are multiple keys in the file, the key file DN.

Options

yes|true: Enables SSL communication.
no|false: Disables SSL communication. Anything other than yes or true, including a blank value, is interpreted as no or false.

Usage

Required to enable SSL communication. When ssl-enabled = yes, the LdapSSL entry in the ldap.conf file must be set to useSSL.

Default value

There is no default value. The default values are server-dependent.

Example

ssl-enabled = yes