7.1 Using SSL in SMDR

Starting with NetWare 6.5 SP6, SMDR can use SSL and uses the Novell TLS (NTLS) library for SSL operations.

When SMDR is configured to use SSL, it encrypts the channel, securing the data that is exchanged between servers. For configuration options in SMDR, refer to Section 7.3, Configuration Options.

SMDR gives you the option of using SSL with or without certificates.

7.1.1 Using SSL without Certificates

When using SSL without certificates, SMDR uses cipher suites based on the anonymous Diffie-Hellman protocol to exchange session keys. This mechanism provides session security because the data is encrypted across the connections. However, this does not provide server identity authentication because certificates are not used to validate server identity.

7.1.2 Using SSL with Certificates

When SMDR is configured to use SSL with certificates, it has the ability to authenticate the server identity and secure data on the network. The server's certificate that is exchanged during the SSL channel establishment provides server authentication.

Certificate Types

SMDR supports PEM-encoded or DER-encoded certificates. Certificates in other formats must be converted to either PEM or DER format in order to be used with SMDR.
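
The following Python sketch is an added example, not Novell code: it classifies a certificate file as PEM, DER, or neither, so that a file in another format can be caught and converted before it is used with SMDR. The function names and the constructed sample bytes are assumptions, and the DER test is structural only; it does not validate the certificate.

```python
import ssl

def _der_header(data):
    """Return (tag, header_len, content_len) of the first DER element, or None."""
    if len(data) < 2:
        return None
    tag, first = data[0], data[1]
    if first < 0x80:                       # short-form length
        return tag, 2, first
    n = first & 0x7F                       # long form: n length bytes follow
    if n == 0 or n > 4 or len(data) < 2 + n:
        return None                        # indefinite or oversized: not DER
    return tag, 2 + n, int.from_bytes(data[2:2 + n], "big")

def looks_like_der_cert(data):
    """Structural check: outer SEQUENCE spans the file, first member is a SEQUENCE."""
    outer = _der_header(data)
    if outer is None or outer[0] != 0x30 or outer[1] + outer[2] != len(data):
        return False
    inner = _der_header(data[outer[1]:])   # tbsCertificate in an X.509 certificate
    return inner is not None and inner[0] == 0x30

def classify_cert(data):
    """Return 'PEM', 'DER' or 'other' for the raw bytes of a certificate file."""
    if looks_like_der_cert(data):
        return "DER"
    try:
        # Expects a single BEGIN/END CERTIFICATE block with no leading text.
        der = ssl.PEM_cert_to_DER_cert(data.decode("ascii").strip())
    except ValueError:                     # bad encoding, markers or base64
        return "other"
    return "PEM" if looks_like_der_cert(der) else "other"

# Constructed samples (not real certificates): a certificate-shaped DER skeleton,
# its PEM wrapping, and a blob that opens with SEQUENCE { INTEGER 3 } the way a
# PKCS#12 file does.
SAMPLE_DER = bytes.fromhex("300a3003020102" "3000" "030100")
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER).encode("ascii")
SAMPLE_P12_LIKE = bytes.fromhex("3003020103")

if __name__ == "__main__":
    for name, blob in [("der", SAMPLE_DER), ("pem", SAMPLE_PEM),
                       ("p12-like", SAMPLE_P12_LIKE)]:
        print(name, classify_cert(blob))
```

A file reported as "other" needs to be converted to PEM or DER before SMDR can use it.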

7.1.3 Password-Encrypted Private Key Files

Private keys stored on servers are typically encrypted using passwords. SMDR supports SSL private key files that are encrypted using this method.

If the private key file is password-encrypted, SMDR loads and displays a screen to accept the password. Enter the password at the prompt to continue loading SMDR.

If a password is not entered, SMDR.NLM on NetWare does not provide complete functionality and SMDR does not accept any connections on that server. In addition, the server does not make connections to other SMDRs in the network.