Setting Security PreferencesChapter 11 Managing SSL 38110. If you want Netscape Console to use SSL during communications withDirectory Server, select Use SSL in Netscape Console.11. Click Save.12. Restart the Directory Server.See “Starting the Server with SSL Enabled,” on page 36 for more information.Setting Security PreferencesYou can choose the type of ciphers you want to use for SSL communications. Acipher is the algorithm used in encryption. Some ciphers are more secure or strongerthan others. Generally speaking, the more bits a cipher uses during encryption, themore difficult it is to decrypt the key. For a more complete discussion of algorithmsand their strength, see Managing Servers with Netscape Console.When a client initiates an SSL connection with a server, the client tells the serverwhat ciphers it prefers to use to encrypt information. In any two-way encryptionprocess, both parties must use the same ciphers. There are a number of ciphersavailable. Your server needs to be able to use the ciphers that will be used by clientapplications connecting to the server.Directory Server provides the following SSL 3.0 ciphers:• RC4 cipher with 40-bit encryption and MD5 message authentication.• RC2 cipher with 40-bit encryption and MD5 message authentication.• No encryption, only MD5 message authentication.• DES with 56-bit encryption and SHA message authentication.• RC4 cipher with 128-bit encryption and MD5 message authentication.• Triple DES with 168-bit encryption and SHA message authentication.• FIPS DES with 56-bit encryption and SHA message authentication. This ciphermeets the FIPS 140-1 U.S. government standard for implementations ofcryptographic modules.NOTE If you are using certificate-based authentication with replication,then you must configure the consumer server to either allow orrequire client authentication.