If you selected the option Check for SSL connection with LDAP user directory
when you set up the connection to the LDAP directory server, optionally use qpconfig.xml settings to customize the Secure Sockets Layer (SSL) connection.
Perform the following steps:
Table 1. SSL settings in the qpconfig.xml file
- Specify values in the <ssl_protocol> element of the qpconfig.xml file, for example:
<ssl protocol="3" accept_expired_certs="true"
Table 1 describes the settings.
- Save the modified qpconfig.xml file.
- Enter the following command at the server console to restart the HTTP task on the server:
|protocol="number" ||Type one of the following numbers to specify the SSL protocol used for the connection to the LDAP server:|
0 - Negotiated (default)
1 - LDAP V2.0 only
2 - LDAP V3.0 handshake
3 - LDAP V3.0 only
4 - LDAP V3.0 with V2.0 handshake
|accept_expired_certs="value"||Type "false" to prevent Lotus® Quickr™ from accepting a certificate from the LDAP server if the certificate has expired. Type "true" (the default) to accept a certificate that has expired.|
|verify_servername="value"||Type "false" to prevent Lotus Quickr from verifying whether the LDAP server host name matches the host name in the SSL certificate. Type "true" (the default) to require that the host name matches the host name in the certificate.|
Note: If the value is set to "true" but the host name does not match the host name in the certificate, then LDAP authentications fail.
Parent topic: Customizing Lotus Quickr control of directory services: qd85