AccessSSLFlags Metabase Property
Applies To: Windows Server 2003, Windows Server 2003 with SP1
The AccessSSLFlags property contains the Secure Sockets Layer (SSL) file permission flags as seen in the Flags section. The default value of 0 means that no SSL permissions are set.
| Attribute Name | Attribute Value |
|---|---|
XML Data Type |
DWORD |
WMI Data Type |
SINT32 |
ADSI Data Type |
DWORD |
ABO Data Type |
DWORD |
ABO Metabase Identifier |
MD_SSL_ACCESS_PERM |
Attributes |
INHERIT |
Default Value |
0 |
MetaFlagsEx |
CACHE_PROPERTY_MODIFIED |
User Type |
IIS_MD_UT_FILE |
ID |
6030 |
Configurable Locations
You can configure this property at the following locations in the IIS metabase.
| Metabase Path | IIS Admin Object Type |
|---|---|
/LM/W3SVC/n/ROOT /LM/W3SVC/n/ROOT/virtual_directory_name |
IIsWebVirtualDir |
/LM/W3SVC/n |
IIsWebServer |
/LM/W3SVC |
IIsWebService |
/LM/W3SVC/n/ROOT/file_name /LM/W3SVC/n/ROOT/virtual_directory_name/file_name |
IIsWebFile |
/LM/W3SVC/n/ROOT/physical_directory_name /LM/W3SVC/n/virtual_directory_name/physical_directory_name |
IIsWebDirectory |
/LM/NNTPSVC |
IIsNntpService |
/LM/NNTPSVC/n |
IIsNntpServer |
/LM/NNTPSVC/n/ROOT /LM/NNTPSVC/n/ROOT/virtual_directory_name |
IIsNntpVirtualDir |
/LM/SMTPSVC |
IIsSmtpService |
/LM/SMTPSVC/n |
IIsSmtpServer |
/LM/SMTPSVC/n/ROOT /LM/SMTPSVC/n/ROOT/virtual_directory_name |
IIsSmtpVirtualDir |
Flags
| Flag Name | AccessSSL |
|---|---|
Description |
A value of true indicates that file access requires SSL file permission processing with or without a client certificate. |
Metabase Bitmask Identifier |
MD_ACCESS_SSL |
Decimal Value |
8 |
Hexadecimal Value |
0x00000008 |
| Flag Name | AccessSSL128 |
|---|---|
Description |
A value of true indicates that file access requires SSL file permission processing with a minimum key size of 128 bits, with or without a client certificate. |
Metabase Bitmask Identifier |
MD_ACCESS_SSL128 |
Decimal Value |
256 |
Hexadecimal Value |
0x00000100 |
| Flag Name | AccessSSLNegotiateCert |
|---|---|
Description |
A value of true indicates that SSL file access processing requests a certificate from the client. A value of false indicates that access continues if the client does not have a certificate. Some versions of Internet Explorer will close the connection if the server requests a certificate and a certificate is not available (even if AccessSSLRequireCert is also set to false). |
Metabase Bitmask Identifier |
MD_ACCESS_NEGO_CERT |
Decimal Value |
32 |
Hexadecimal Value |
0x00000020 |
| Flag Name | AccessSSLRequireCert |
|---|---|
Description |
A value of true indicates that SSL file access processing requests a certificate from the client. If the client provides no certificate, the connection is closed. AccessSSLNegotiateCert must also beset to true when using AccessSSLRequireCert. |
Metabase Bitmask Identifier |
MD_ACCESS_REQUIRE_CERT |
Decimal Value |
64 |
Hexadecimal Value |
0x00000040 |
| Flag Name | AccessSSLMapCert |
|---|---|
Description |
A value of true indicates that SSL file permission processing maps a client certificate to a Microsoft Windows operating system user-account. The AccessSSLNegotiateCert property must also be set to true for the mapping to occur. |
Metabase Bitmask Identifier |
MD_ACCESS_MAP_CERT |
Decimal Value |
128 |
Hexadecimal Value |
0x00000080 |
Code Example
For general code examples, see Code Examples to Configure Metabase Properties.