Skip to main content
Version: 3.7.x.x LTS

nevisProxy SSL and TLS Settings

nevisAdmin applies default SSL/TLS settings for all nevisProxy services that have HTTPS configured. The defaults are suitable for most environments.

You can change these settings on the nevisProxy service by setting custom parameters for the SSL connector element.

You can also change the defaults globally by setting the following nevisAdmin properties (see chapter Properties):

  • ch.nevis.nevisadmin.ssl.proxy.SSLProtocol
  • ch.nevis.nevisadmin.ssl.proxy.SSLOptions
  • ch.nevis.nevisadmin.ssl.proxy.SSLCipherSuite
  • ch.nevis.nevisadmin.ssl.proxy.SSLHonorCipherOrder
  • ch.nevis.nevisadmin.ssl.proxy.SSLRenegBufferSize
  • ch.nevis.nevisadmin.ssl.proxy.SSLInsecureRenegotiation
  • ch.nevis.nevisadmin.ssl.proxy.SSLDHParametersFile
  • ch.nevis.nevisadmin.ssl.proxy.SSLRandomSeed.0
  • ch.nevis.nevisadmin.ssl.proxy.SSLRandomSeed.1
  • ch.nevis.nevisadmin.ssl.proxy.SSLRandomSeed.<n>

These properties reflect the corresponding Apache directives.

For each SSLRandomSeed property, a corresponding line will be added to the global.conf file of all nevisProxy instances.