Permissions Manager Items in 3270 Printer Connection Security
Document\Connection\Security
These items are found in the Security Properties Dialog Box.
| Item | User interface Description |
|---|---|
| RSC_Params | |
| SSLValidateCertChain | Retrieve and validate certificate chain |
| Specifies whether certificates presented for host authentication are checked to determine if they are valid and signed by a trusted CA. | |
| TelnetEncryption | Use SSL/TLS Security |
| Enables SSL/TLS connections. You must select this before you can set other values in the SSL/TLS section. | |
| TelnetEncryptionDisableCRLCheck | Use CRL |
| Specifies whether your client session checks for certificate revocation using CRLs (Certificate Revocation Lists) when validating host certificates. CRLs may be specified in the CDP extension of the certificate itself. You can also specify CRL using the LDAP tab in the Reflection Certificate Manager. | |
| TelnetEncryptionStrength | Encryption Strength |
| Specify the desired level of encryption for SSL/TLS connections. The connection fails if this level cannot be provided. | |
| TelnetEncryptionUseOCSP | Use OCSP |
| Specifies whether your client session checks for certificate revocation using OCSP (Online Certificate Status Protocol) responders when validating host certificates. OCSP responders may be specified in the AIA extension of the certificate itself. You can also specify OCSP responders using the OCSP tab in the Reflection Certificate Manager. | |
| TelnetEncryptionVerifyHostname | Certificate host name must match host being contacted |
| Specifies whether host name matching is required when validating host certificates. When this is enabled (the default), the host name you configure for your session must exactly match a host name or IP address entered in either the CommonName or the SubjectAltName field of the certificate. | |
| TelnetUseHttp | HTTP proxy |
| Specifies to use an HTTP proxy server. | |
| TelnetUseReflectionSecurityProxy | Use security proxy |
| Select this option to use the Security Proxy application available as part of the Host Access Management and Security Server (MSS) product. | |
| TelnetUseSocks | SOCKS Proxy |
| Specifies to use a SOCKS proxy server. | |
| TLSCertIdentity | |
| TLSE2EStrength | End-to-End SSL/TLS (Client to proxy to destination host) |
| This setting is only viewable from the MSS Administrative console (available for 5250, 3270, and VT sessions). This option tunnels a direct SSL/TLS connection to the host, while still connecting through the Security proxy. | |
| TLSFIPSMODE | Run in FIPS mode |
| When you run in FIPS mode, all connections are made using security protocols and algorithms that meet FIPS 140-2 standards. In this mode some standard connection options are not available. | |
| TLSProxyDestHost | Configure |
| Opens the Configuration dialog box, in which you can enter the server address and other settings. | |
| TLSSSLVersion | SSL/TLS version |
| Specifies which SSL or TLS version to use. |