# IBM_PROLOG_BEGIN_TAG 
# This is an automatically generated prolog. 
#  
# tcpip72V src/tcpip/usr/samples/tcpip/ftpd.cnf 1.2.1.2 
#  
# Licensed Materials - Property of IBM 
#  
# Restricted Materials of IBM 
#  
# COPYRIGHT International Business Machines Corp. 2007,2019 
# All Rights Reserved 
#  
# US Government Users Restricted Rights - Use, duplication or 
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp. 
#  
# IBM_PROLOG_END_TAG 
#
#	This file contains configuration use by ftpd server to start a TLS
#	session. If this is no provided every attempt by a ftp client to secure
#	the communication using TLS will fail. Only root should have access to
#	modify and read this parameters.  
#
#	Entries :
#
#	CRL_PATH	 Path to the certificate revocation list in PEM format
#			 (optional). If specified the ftpd server perform
#			 verification on the certificate provided by the ftp
#			 client.
#
#	CA_PATH  	 Path to the certificate authority file in PEM format
#			 (optional). If specified the ftpd server perform
#			 verification on the certificated provided by the ftp
#			 client. 
#	
#	CIPHER_LIST 	 Cipher list to use during the connection (optional)
#
#	DEPTH 	         If the CA_PATH configuration parameter is specified
#	                 depht is used during the certificate verification
#	                 (optional).
#
#	CERTIFICATE      Path to a digital certificate file in PEM format 
#			 to use during the TLS session (required). 
#      	
#	CERTIFICATE_PRIVATE_KEY    Path to the certificate private key in PEM
#				   format to use during the TLS session
#				   (required). 
#
#       
#	DH_PARAMETERS_DIR  Path to a directory contanning Diffie-Helman
#			   parameters in PEM format (optional).


#       CRL_PATH    /servercrl/crl.pem
#	CA_PATH	    /serverca/ca.pem
#	CIPHER_LIST ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
#	DEPTH 	    2
#	CERTIFICATE /servercertificate/cert.pem
#       CERTIFICATE_PRIVATE_KEY /serverkey/privatekey.pem
#       DH_PARAMETERS_DIR /DH_DIR

#	SSLv3 YES|NO      Enable or disable SSLv3. Default is to enable.  
#	TLSv1 YES|NO      Enable or disable TLSv1. Default is to enable. 
#	TLSv1.1 YES|NO    Enable or disable TLSv1.1. Default is to enable. 
#	TLSv1.2  YES|NO   Enable or disable TLSv1.2. Default is to enable.