AccessSSLFlags

  • Article

The AccessSSLFlags property contains the Secure Sockets Layer (SSL) file permission flags as seen in the Flags section. The default value of 0 means that no SSL permissions are set.

Schema Attributes

Attribute Name

Value

ADSI/WMI Data Type

DWORD

ABO Data Type

DWORD_METADATA

Schema Default

0

Internal Default

Not specified.

Upper Bound

0

Lower Bound

Not specified

Internal ID

6030

Friendly ID

MD_SSL_ACCESS_PERM

Property Attributes

INHERIT

User Type

IIS_MD_UT_FILE

Configurable Locations

You can configure this property at the following locations in the IIS metabase.

Metabase Path

IIS Admin Object Type

/LM/W3SVC

IIsWebService

/LM/W3SVC/n

IIsWebServer

/LM/W3SVC/n/ROOT/file_name

/LM/W3SVC/n/ROOT/virtual_directory_name/file_name

IIsWebFile

/LM/W3SVC/n/ROOT/physical_directory_name

/LM/W3SVC/n/virtual_directory_name/physical_directory_name

IIsWebDirectory

/LM/W3SVC/n/ROOT

/LM/W3SVC/n/ROOT/virtual_directory_name

IIsWebVirtualDir

/LM/NNTPSVC

IIsNntpService

/LM/NNTPSVC/n

IIsNntpServer

/LM/NNTPSVC/n/ROOT

/LM/NNTPSVC/n/ROOT/virtual_directory_name

IIsNntpVirtualDir

/LM/SMTPSVC

IIsSmtpService

/LM/SMTPSVC/n

IIsSmtpServer

/LM/SMTPSVC/n/ROOT

/LM/SMTPSVC/n/ROOT/virtual_directory_name

IIsSmtpVirtualDir

Flags

Flag Name

AccessSSL

Versions Applicable

[IIS 5.0][IIS 5.1][IIS 6.0]

Description

A value of true indicates that file access requires SSL file permission processing, with or without a client certificate.

Bitmask

8 (hex 0x00000008)

Friendly Bitmask ID

MD_ACCESS_SSL

Internal ID

6213

Flag Name

AccessSSL128

Versions Applicable

[IIS 5.0][IIS 5.1][IIS 6.0]

Description

A value of true indicates that file access requires SSL file permission processing with a minimum key size of 128 bits, with or without a client certificate.

Bitmask

256 (hex 0x00000100)

Friendly Bitmask ID

MD_ACCESS_SSL128

Internal ID

6217

Flag Name

AccessSSLMapCert

Versions Applicable

[IIS 5.0][IIS 5.1][IIS 6.0]

Description

A value of true indicates that SSL file permission processing maps a client certificate to a Microsoft Windows ? operating system user-account. The AccessSSLNegotiateCert property must also be set to true for the mapping to occur.

Bitmask

128 (hex 0x00000080)

Friendly Bitmask ID

MD_ACCESS_MAP_CERT

Internal ID

6216

Flag Name

AccessSSLNegotiateCert

Versions Applicable

[IIS 5.0][IIS 5.1][IIS 6.0]

Description

A value of true indicates that SSL file access processing requests a certificate from the client. A value of false indicates that access continues if the client does not have a certificate. Some versions of Internet Explorer will close the connection if the server requests a certificate and a certificate is not available (even if AccessSSLRequireCert is also set to true).

Bitmask

32 (hex 0x00000020)

Friendly Bitmask ID

MD_ACCESS_NEGO_CERT

Internal ID

6214

Flag Name

AccessSSLRequireCert

Versions Applicable

[IIS 5.0][IIS 5.1][IIS 6.0]

Description

A value of true indicates that SSL file access processing requests a certificate from the client. If the client provides no certificate, the connection is closed. AccessSSLNegotiateCert must also be set to true when using AccessSSLRequireCert.

Bitmask

64 (hex 0x00000040)

Friendly Bitmask ID

MD_ACCESS_REQUIRE_CERT

Internal ID

6215

Requirements

Client: Requires Windows XP Professional, Windows 2000 Professional, or Windows NT Workstation 4.0.

Server: Requires Windows Server 2003, Windows 2000 Server, or Windows NT Server 4.0.

Product: IIS

See Also