AccessSSLFlags
AccessSSLFlags contains the Secure Sockets Layer (SSL) file permission flags as seen in the Flags section. The default value of 0 means that no SSL permissions are set.
| Attribute Name | Attribute Value |
|---|---|
| XML Data Type | DWORD |
| WMI Data Type |
SINT32
|
| ADSI Data Type | DWORD |
| ABO Data Type | DWORD |
| ABO Metabase identifier |
MD_SSL_ACCESS_PERM
|
| Attributes | INHERIT |
| Default Value | 0 |
| MetaFlagsEx | CACHE_PROPERTY_MODIFIED |
| User Type | IIS_MD_UT_FILE |
| StartingNumber | Not applicable |
| EndingNumber | 0 |
| ID | 6030 |
Configurable Locations
You can configure this property at the following locations in the IIS metabase.
| Metabase Path | IIS Admin Object Type |
|---|---|
| /LM/W3SVC/n/ROOT /LM/W3SVC/n/ROOT/virtual_directory_name |
IIsWebVirtualDir |
| /LM/W3SVC/n | IIsWebServer |
| /LM/W3SVC | IIsWebService |
| /LM/W3SVC/n/ROOT/file_name /LM/W3SVC/n/ROOT/virtual_directory_name/file_name |
IIsWebFile |
| /LM/W3SVC/n/ROOT/physical_directory_name /LM/W3SVC/n/virtual_directory_name/physical_directory_name |
IIsWebDirectory |
| /LM/NNTPSVC | IIsNntpService |
| /LM/NNTPSVC/n | IIsNntpServer |
| /LM/NNTPSVC/n/ROOT /LM/NNTPSVC/n/ROOT/virtual_directory_name |
IIsNntpVirtualDir |
| /LM/SMTPSVC | IIsSmtpService |
| /LM/SMTPSVC/n | IIsSmtpServer |
| /LM/SMTPSVC/n/ROOT /LM/SMTPSVC/n/ROOT/virtual_directory_name |
IIsSmtpVirtualDir |
Flags
| Flag Name | AccessSSL |
|---|---|
| Description |
When AccessSSL is set to true, file access requires SSL file permission processing, with or without a client certificate.
|
| Metabase Bitmask Identifier | MD_ACCESS_SSL |
| Decimal Value | 8 |
| Hex Value | 0x00000008 |
| Flag Name | AccessSSL128 |
|---|---|
| Description |
When AccessSSL128 is set to true, file access requires SSL file permission processing with a minimum key size of 128 bits, with or without a client certificate.
|
| Metabase Bitmask Identifier | MD_ACCESS_SSL128 |
| Decimal Value | 256 |
| Hex Value | 0x00000100 |
| Flag Name | AccessSSLNegotiateCert |
|---|---|
| Description |
When AccessSSLNegotiateCert is set to true, SSL file access processing requests a certificate from the client. If AccessSSLRequireCert is false, access continues if the client does not have a certificate. Some versions of Internet Explorer will close the connection if the server requests a certificate anda certificateis not available (even if AccessSSLRequireCert is also set to true).
|
| Metabase Bitmask Identifier | MD_ACCESS_NEGO_CERT |
| Decimal Value | 32 |
| Hex Value | 0x00000020 |
| Flag Name | AccessSSLRequireCert |
|---|---|
| Description |
When AccessSSLRequireCert is set to true, SSL file access processing requests a certificate from the client. If the client provides no certificate, the connection is closed. AccessSSLNegotiateCert must also be set to true when using AccessSSLRequireCert.
|
| Metabase Bitmask Identifier | MD_ACCESS_REQUIRE_CERT |
| Decimal Value | 64 |
| Hex Value | 0x00000040 |
| Flag Name | AccessSSLMapCert |
|---|---|
| Description |
When AccessSSLMapCert is set to true, SSL file permission processing maps a client certificate to a Windows account. The AccessSSLNegotiateCert property must also be set to true for the mapping to occur.
|
| Metabase Bitmask Identifier | MD_ACCESS_MAP_CERT |
| Decimal Value | 128 |
| Hex Value | 0x00000080 |
Code Example
For general code examples, please see Code Examples to Configure Metabase Properties