Macromedia flash media server 2-managing flash media server ユーザーズマニュアル
122
Configuration Files
The cipher list consists of one or more cipher strings separated by colons. Commas or spaces
are also acceptable separators but colons are normally used.
are also acceptable separators but colons are normally used.
The string of ciphers string can take several different forms.
■
It can consist of a single cipher suite such as RC4-SHA.
■
It can represent a list of cipher suites containing a certain algorithm, or cipher suites of a
certain type.
certain type.
For example,
SHA1
represents all ciphers suites using the digest algorithm SHA1, and
SSLv3
represents all SSL v3 algorithms.
■
Lists of cipher suites can be combined in a single cipher string using the + character as a
logical
logical
and
operation.
For example
SHA1+DES
represents all cipher suites containing the
SHA1
and the
DES
algorithms.
■
Each cipher string can be optionally preceded by the characters!, - or +.
■
If ! is used then the ciphers are permanently deleted from the list. The ciphers deleted can
never reappear in the list even if they are explicitly stated.
never reappear in the list even if they are explicitly stated.
■
If - is used then the ciphers are deleted from the list, but some or all of the ciphers can be
added again by later options.
added again by later options.
■
If + is used then the ciphers are moved to the end of the list. This option doesn't add any
new ciphers—it just moves matching existing ones.
new ciphers—it just moves matching existing ones.
■
If none of these characters is present then the string is just interpreted as a list of ciphers to
be appended to the current preference list. I
be appended to the current preference list. I
■
If the list includes any ciphers already present, Flash Media Server does not evaluate them.
■
The cipher string
@STRENGTH
will sort the current cipher list in order of the length of the
encryption algorithm key.
The components can be combined with the appropriate prefixes to create a list of ciphers
including only those ciphers Flash Media Server is prepared to accept, in the order of
preference.
including only those ciphers Flash Media Server is prepared to accept, in the order of
preference.
Examples
<SSLCipherSuite>ALL:!ADH:!EDH</SSLCipherSuite>
This cipher string instructs Flash Media Server to accept all ciphers except those using
anonymous or ephemeral Diffie-Hellman key exchange.
anonymous or ephemeral Diffie-Hellman key exchange.
<SSLCipherSuite>RSA:!NULL!EXP</SSLCipherSuite>
<SSLCipherSuite>RSA:LOW:MEDIUM:HIGH</SSLCipherSuite>
<SSLCipherSuite>RSA:LOW:MEDIUM:HIGH</SSLCipherSuite>