Home > Configuration > SSL > setsslparameter_denysslreneg

setsslparameter_denysslreneg

Use this method to set deny renegotiation in specified circumstances. Available settings function as follows:
* NO - Allow SSL renegotiation.
* FRONTEND_CLIENT - Deny secure and nonsecure SSL renegotiation initiated by the client.
* FRONTEND_CLIENTSERVER - Deny secure and nonsecure SSL renegotiation initiated by the client or the Citrix ADC during policy-based client authentication.
* ALL - Deny all secure and nonsecure SSL renegotiation.
* NONSECURE - Deny nonsecure SSL renegotiation. Allows only clients that support RFC 5746.

Syntax



Parameters

denysslreneg

Deny renegotiation in specified circumstances. Available settings function as follows: * NO - Allow SSL renegotiation. * FRONTEND_CLIENT - Deny secure and nonsecure SSL renegotiation initiated by the client. * FRONTEND_CLIENTSERVER - Deny secure and nonsecure SSL renegotiation initiated by the client or the Citrix ADC during policy-based client authentication. * ALL - Deny all secure and nonsecure SSL renegotiation. * NONSECURE - Deny nonsecure SSL renegotiation. Allows only clients that support RFC 5746.
Default value = NORENEG_FE_BE.
Possible Values : NO, FRONTEND_CLIENT, FRONTEND_CLIENTSERVER, ALL, NONSECURE.

Return Value

Returns simpleResult

See Also

getsslparameter

setsslparameter_crlmemorysizemb

setsslparameter_cryptodevdisablelimit

setsslparameter_defaultprofile

setsslparameter_dropreqwithnohostheader

setsslparameter_encrypttriggerpktcount

setsslparameter_heterogeneoussslhw

setsslparameter_hybridfipsmode

setsslparameter_insertcertspace

setsslparameter_insertionencoding

setsslparameter_ndcppcompliancecertcheck

setsslparameter_ocspcachesize

setsslparameter_operationqueuelimit

setsslparameter_pushenctriggertimeout

setsslparameter_pushflag

setsslparameter_quantumsize

setsslparameter_sendclosenotify

setsslparameter_sigdigesttype

setsslparameter_snihttphostmatch

setsslparameter_softwarecryptothreshold

setsslparameter_sslierrorcache

setsslparameter_sslimaxerrorcachemem

setsslparameter_ssltriggertimeout

setsslparameter_strictcachecks

setsslparameter_undefactioncontrol

setsslparameter_undefactiondata

unsetsslparameter_crlmemorysizemb

unsetsslparameter_cryptodevdisablelimit

unsetsslparameter_defaultprofile

unsetsslparameter_denysslreneg

unsetsslparameter_dropreqwithnohostheader

unsetsslparameter_encrypttriggerpktcount

unsetsslparameter_heterogeneoussslhw

unsetsslparameter_hybridfipsmode

unsetsslparameter_insertcertspace

unsetsslparameter_insertionencoding

unsetsslparameter_ndcppcompliancecertcheck

unsetsslparameter_ocspcachesize

unsetsslparameter_operationqueuelimit

unsetsslparameter_pushenctriggertimeout

unsetsslparameter_pushflag

unsetsslparameter_quantumsize

unsetsslparameter_sendclosenotify

unsetsslparameter_sigdigesttype

unsetsslparameter_snihttphostmatch

unsetsslparameter_softwarecryptothreshold

unsetsslparameter_sslierrorcache

unsetsslparameter_sslimaxerrorcachemem

unsetsslparameter_ssltriggertimeout

unsetsslparameter_strictcachecks

unsetsslparameter_undefactioncontrol

unsetsslparameter_undefactiondata