Configuring encryption ciphers for vxdbd

Communication with the vxdbd daemon is encrypted. The encryption algorithms used for communication can be configured by editing the /var/vx/vxdba/auth/vxdbd/root/.VRTSat/profile/VRTSatlocal.conf configuration file. The SSLCipherSuite configuration parameter specifies the ciphers that are allowed when establishing a secure connection. Refer to the OpenSSL ciphers(1) man page for details on the acceptable values of this parameter.

For example, to configure vxdbd to deny communication using the medium-strength and low-strength ciphers, set the SSLCipherSuite parameter as follows:

"SSLCipherSuite"="HIGH:!MEDIUM:!eNULL:!aNULL:!SSLv2:!LOW"