Name
SSL, ssl, kPMSSL — A description of a SSL configuration.
Synopsis
SSL structure { keychain, peer name, allow, level };
keychain : string, length 2..4096 |
peer name : string, length 1..512, optional |
allow : array of SSL allowances elements, optional, unique
|
level : string, choice, default, optional |
Description
A description of a SSL configuration.
Fields
keychain. Absolute path to Keychain containing a certificate and a signing key.
SSL is an absolute path to a Keychain containing a suitable certificate and signing key for the socket. It is best practice to create a separate Keychain.
To use the System keychain: /Library/Keychain/System.keychain
keychain
is a string. keychain
must be between 2
and 4096
characters long, inclusive.
peer name. Override the name used for certificate verification.
Provide an empty string to disable name verification.
peer name
is a string. peer name
is optional. peer name
must be between 1
and 512
characters long, inclusive.
allow. Lessen the requirements of the SSL certificate.
allow
is an array of SSL allowances elements. allow
is optional. Each item in allow
must be unique.
level. Level of SSL security to use.
level
is a string. If level
is omitted, the default TLSv1
is used. level
is optional. level
must be one of the following four constants:
- SSLv2,
kPMSSLLevel_SSLv2
. - SSLv3,
kPMSSLLevel_SSLv3
. - TLSv1,
kPMSSLLevel_TLSv1
. - negotiated,
kPMSSLLevel_Negotiated
.