|
|
@ -95,12 +95,6 @@ Processing Standard 140-1 validated encryption methods.
|
|
|
|
.I enforces FIPS-compliance mode.
|
|
|
|
.I enforces FIPS-compliance mode.
|
|
|
|
.RE
|
|
|
|
.RE
|
|
|
|
|
|
|
|
|
|
|
|
.TP
|
|
|
|
|
|
|
|
\fBdisableSSLv3\fP=\fI[true|false]\fP
|
|
|
|
|
|
|
|
If set to \fB1\fP, \fBtrue\fP or \fByes\fP, \fBxrdp\fP will not accept SSLv3 connections.
|
|
|
|
|
|
|
|
If not specified, defaults to \fBfalse\fP.
|
|
|
|
|
|
|
|
This parameter is effective only if \fBsecurity_layer\fP is set to \fBtls\fP or \fBnegotiate\fP.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
.TP
|
|
|
|
.TP
|
|
|
|
\fBfork\fP=\fI[true|false]\fP
|
|
|
|
\fBfork\fP=\fI[true|false]\fP
|
|
|
|
If set to \fB1\fR, \fBtrue\fR or \fByes\fR for each incoming connection \fBxrdp\fR(8) forks a sub-process instead of using threads.
|
|
|
|
If set to \fB1\fR, \fBtrue\fR or \fByes\fR for each incoming connection \fBxrdp\fR(8) forks a sub-process instead of using threads.
|
|
|
@ -149,6 +143,12 @@ of Standard RDP Security is controlled by \fBcrypt_level\fP.
|
|
|
|
Negotiate these security methods with clients.
|
|
|
|
Negotiate these security methods with clients.
|
|
|
|
.RE
|
|
|
|
.RE
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
.TP
|
|
|
|
|
|
|
|
\fBssl_protocols\fP=\fI[SSLv3] [TLSv1] [TLSv1.1] [TLSv1.2]\fP
|
|
|
|
|
|
|
|
Enables the specified SSL/TLS protocols. Each value should be separated by space.
|
|
|
|
|
|
|
|
SSLv2 is always disabled. At least one protocol should be given to accept TLS connections.
|
|
|
|
|
|
|
|
This parameter is effective only if \fBsecurity_layer\fP is set to \fBtls\fP or \fBnegotiate\fP.
|
|
|
|
|
|
|
|
|
|
|
|
.TP
|
|
|
|
.TP
|
|
|
|
\fBtcp_keepalive\fP=\fI[true|false]\fP
|
|
|
|
\fBtcp_keepalive\fP=\fI[true|false]\fP
|
|
|
|
Regulate if the listening socket uses socket option \fBSO_KEEPALIVE\fP.
|
|
|
|
Regulate if the listening socket uses socket option \fBSO_KEEPALIVE\fP.
|
|
|
|