AccessSSLFlags
AccessSSLFlags contains the Secure Sockets Layer (SSL) file permission flags as seen in the Flags section. The default value of 0 means that no SSL permissions are set.
Attribute Name | Attribute Value |
---|---|
XML Data Type | DWORD |
WMI Data Type |
SINT32
|
ADSI Data Type | DWORD |
ABO Data Type | DWORD |
ABO Metabase identifier |
MD_SSL_ACCESS_PERM
|
Attributes | INHERIT |
Default Value | 0 |
MetaFlagsEx | CACHE_PROPERTY_MODIFIED |
User Type | IIS_MD_UT_FILE |
StartingNumber | Not applicable |
EndingNumber | 0 |
ID | 6030 |
Configurable Locations
You can configure this property at the following locations in the IIS metabase.
Metabase Path | IIS Admin Object Type |
---|---|
/LM/W3SVC/n/ROOT /LM/W3SVC/n/ROOT/virtual_directory_name |
IIsWebVirtualDir |
/LM/W3SVC/n | IIsWebServer |
/LM/W3SVC | IIsWebService |
/LM/W3SVC/n/ROOT/file_name /LM/W3SVC/n/ROOT/virtual_directory_name/file_name |
IIsWebFile |
/LM/W3SVC/n/ROOT/physical_directory_name /LM/W3SVC/n/virtual_directory_name/physical_directory_name |
IIsWebDirectory |
/LM/NNTPSVC | IIsNntpService |
/LM/NNTPSVC/n | IIsNntpServer |
/LM/NNTPSVC/n/ROOT /LM/NNTPSVC/n/ROOT/virtual_directory_name |
IIsNntpVirtualDir |
/LM/SMTPSVC | IIsSmtpService |
/LM/SMTPSVC/n | IIsSmtpServer |
/LM/SMTPSVC/n/ROOT /LM/SMTPSVC/n/ROOT/virtual_directory_name |
IIsSmtpVirtualDir |
Flags
Flag Name | AccessSSL |
---|---|
Description |
When AccessSSL is set to true, file access requires SSL file permission processing, with or without a client certificate.
|
Metabase Bitmask Identifier | MD_ACCESS_SSL |
Decimal Value | 8 |
Hex Value | 0x00000008 |
Flag Name | AccessSSL128 |
---|---|
Description |
When AccessSSL128 is set to true, file access requires SSL file permission processing with a minimum key size of 128 bits, with or without a client certificate.
|
Metabase Bitmask Identifier | MD_ACCESS_SSL128 |
Decimal Value | 256 |
Hex Value | 0x00000100 |
Flag Name | AccessSSLNegotiateCert |
---|---|
Description |
When AccessSSLNegotiateCert is set to true, SSL file access processing requests a certificate from the client. If AccessSSLRequireCert is false, access continues if the client does not have a certificate. Some versions of Internet Explorer will close the connection if the server requests a certificate anda certificateis not available (even if AccessSSLRequireCert is also set to true).
|
Metabase Bitmask Identifier | MD_ACCESS_NEGO_CERT |
Decimal Value | 32 |
Hex Value | 0x00000020 |
Flag Name | AccessSSLRequireCert |
---|---|
Description |
When AccessSSLRequireCert is set to true, SSL file access processing requests a certificate from the client. If the client provides no certificate, the connection is closed. AccessSSLNegotiateCert must also be set to true when using AccessSSLRequireCert.
|
Metabase Bitmask Identifier | MD_ACCESS_REQUIRE_CERT |
Decimal Value | 64 |
Hex Value | 0x00000040 |
Flag Name | AccessSSLMapCert |
---|---|
Description |
When AccessSSLMapCert is set to true, SSL file permission processing maps a client certificate to a Windows account. The AccessSSLNegotiateCert property must also be set to true for the mapping to occur.
|
Metabase Bitmask Identifier | MD_ACCESS_MAP_CERT |
Decimal Value | 128 |
Hex Value | 0x00000080 |
Code Example
For general code examples, please see Code Examples to Configure Metabase Properties