AccessSSLFlags Metabase Property

Applies To: Windows Server 2003, Windows Server 2003 with SP1

The AccessSSLFlags property contains the Secure Sockets Layer (SSL) file permission flags as seen in the Flags section. The default value of 0 means that no SSL permissions are set.

Attribute Name Attribute Value

XML Data Type

DWORD

WMI Data Type

SINT32

ADSI Data Type

DWORD

ABO Data Type

DWORD

ABO Metabase Identifier

MD_SSL_ACCESS_PERM

Attributes

INHERIT

Default Value

0

MetaFlagsEx

CACHE_PROPERTY_MODIFIED

User Type

IIS_MD_UT_FILE

ID

6030

Configurable Locations

You can configure this property at the following locations in the IIS metabase.

Metabase Path IIS Admin Object Type

/LM/W3SVC/n/ROOT /LM/W3SVC/n/ROOT/virtual_directory_name

IIsWebVirtualDir

/LM/W3SVC/n

IIsWebServer

/LM/W3SVC

IIsWebService

/LM/W3SVC/n/ROOT/file_name /LM/W3SVC/n/ROOT/virtual_directory_name/file_name

IIsWebFile

/LM/W3SVC/n/ROOT/physical_directory_name /LM/W3SVC/n/virtual_directory_name/physical_directory_name

IIsWebDirectory

/LM/NNTPSVC

IIsNntpService

/LM/NNTPSVC/n

IIsNntpServer

/LM/NNTPSVC/n/ROOT /LM/NNTPSVC/n/ROOT/virtual_directory_name

IIsNntpVirtualDir

/LM/SMTPSVC

IIsSmtpService

/LM/SMTPSVC/n

IIsSmtpServer

/LM/SMTPSVC/n/ROOT /LM/SMTPSVC/n/ROOT/virtual_directory_name

IIsSmtpVirtualDir

Flags

Flag Name AccessSSL

Description

A value of true indicates that file access requires SSL file permission processing with or without a client certificate.

Metabase Bitmask Identifier

MD_ACCESS_SSL

Decimal Value

8

Hexadecimal Value

0x00000008

Flag Name AccessSSL128

Description

A value of true indicates that file access requires SSL file permission processing with a minimum key size of 128 bits, with or without a client certificate.

Metabase Bitmask Identifier

MD_ACCESS_SSL128

Decimal Value

256

Hexadecimal Value

0x00000100

Flag Name AccessSSLNegotiateCert

Description

A value of true indicates that SSL file access processing requests a certificate from the client. A value of false indicates that access continues if the client does not have a certificate. Some versions of Internet Explorer will close the connection if the server requests a certificate and a certificate is not available (even if AccessSSLRequireCert is also set to false).

Metabase Bitmask Identifier

MD_ACCESS_NEGO_CERT

Decimal Value

32

Hexadecimal Value

0x00000020

Flag Name AccessSSLRequireCert

Description

A value of true indicates that SSL file access processing requests a certificate from the client. If the client provides no certificate, the connection is closed. AccessSSLNegotiateCert must also beset to true when using AccessSSLRequireCert.

Metabase Bitmask Identifier

MD_ACCESS_REQUIRE_CERT

Decimal Value

64

Hexadecimal Value

0x00000040

Flag Name AccessSSLMapCert

Description

A value of true indicates that SSL file permission processing maps a client certificate to a Microsoft Windows operating system user-account. The AccessSSLNegotiateCert property must also be set to true for the mapping to occur.

Metabase Bitmask Identifier

MD_ACCESS_MAP_CERT

Decimal Value

128

Hexadecimal Value

0x00000080

Code Example

For general code examples, see Code Examples to Configure Metabase Properties.

AccessFlags Metabase Property