You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31 lines
1.6 KiB
31 lines
1.6 KiB
########################################################################################################################
|
|
# SSL Configuration details
|
|
########################################################################################################################
|
|
|
|
[sslConfig]
|
|
* Configure SSL for communications with Active Directory directory services under this stanza name.
|
|
* Follow this stanza name with any number of the following attribute/value pairs.
|
|
* If you do not specify an entry for each attribute, SA-ldapsearch will use the value specified under the sslConfig
|
|
stanza name in server.conf.
|
|
|
|
sslVersions = <versions_list>
|
|
* Comma-separated list of SSL versions to support.
|
|
* The specific versions available are "ssl2", "ssl3", and "tls1.0".
|
|
* The special version "*" selects all supported versions. The version "tls" selects all versions tls1.0 or newer.
|
|
* If a version is prefixed with "-", it is removed from the list.
|
|
* Defaults to tls.
|
|
|
|
sslVerifyServerCert = true|false
|
|
* If this is set to true, you should make sure that the Active Directory server that is being connected to is a
|
|
valid one (i.e., authenticated). Both the common name and the alternate name of the server are then checked for
|
|
a match, if they are specified. A certificate is considered verified, if either is matched.
|
|
* Default is false.
|
|
|
|
caCertFile = <filename>
|
|
* Public key of the signing authority.
|
|
* Default is cacert.pem.
|
|
|
|
caPath = <path>
|
|
* Path where all these certs are stored.
|
|
* Default is $SPLUNK_HOME/etc/auth.
|