Last update August 11, 2016
In the [crypto] section, the tokens control aspects associated with the cryptography module.
Defines the full pathname to the Certificate Authority (CA) certificate database.
Specifies whether secure socket layer (SSL) protocols are enabled.
If you set this to ssl_only, only SSL V2, SSL V3, and TLS connections are enabled. This means that this computer cannot communicate with computers that do not support SSL, and so cannot communicate with computers that are running versions of CA ControlMinder earlier than r12.0, which do not support SSL.
Note: Computers that are running CA ControlMinder r12.0 and later do support SSL.
If the fips_only token is set to 1, the actual communication mode is set to ssl_only in FIPS mode (that is, TLS), and the communication_mode token is ignored.
Valid values are:
Defines the installation directory of CAPKI.
Specifies the encryption libraries that the CA ControlMinder Agent uses to decrypt messages. The Agent attempts to use each library in the list, in turn, until the decryption is successful.
Limits: libaes256, libaes192, libaes128, libdes, libtripledes, libscramble
Default: libaes256, libaes192, libaes128, libdes, libtripledes
This token controls whether CA ControlMinder works in FIPS only mode. In this mode all non-FIPS functions are disabled.
1 - CA ControlMinder works in FIPS only mode
0 - CA ControlMinder works in non-FIPS mode
Defines the directory for the ETPKI cryptographic library.
Defines the full pathname to the subject private key.
Defines the port for SSL communications between CA ControlMinder clients and services.
Defines the full pathname to the subject certificate.
Was this helpful?
Thank you for your feedback.