SECURING


Configuring the level of port encryption and authentication

You can control the level of port encryption and authentication that is used on an HCL Domino® server.

About this task

If you install Domino 9.01 Fix Pack 7 or a later fix pack, the following notes.ini settings are available:


Use DEBUG_PORT_ENC_ADV=1 to see detail about the new algorithms and any errors encountered when using them.

Use LOG_AUTHENTICATION=1 to determine which authentication algorithms are being used. This setting is enhanced to contain information about the new algorithms and to be easier to interpret. For example:

Authenticate {E970014}: CN=Ultraviolet/O=MiniPax           T:RC2:128 E:1:  P:c:e S:RC4:128 A:4:1 L:N:N:N FS:Authenticate {BA6001C}: CN=Ultraviolet/O=MiniPax           T:RC2:128 E:1:  P:t:e S:AES-CBC:128 A:2:1 L:N:N:N FS:Authenticate {BA6000B}: CN=Ultraviolet/O=MiniPax           T:AES:128 E:1:  P:t:e S:AES-GCM:256 A:2:1 L:N:N:N FS:DHE-2048

T shows the ticket algorithm and key size.

S shows the session (network encryption) algorithm and key size.

FS shows the algorithm (if any) used for Forward Secrecy.

E, P, A, and L are unchanged from previous releases.

Parent topic: Encryption

Related reference
PORT_ENC_ADV
TICKET_ALG_SHA

Related information
Download Options for Notes & Domino 9.0.1 Fix Packs