SSL/TLS Configuration Dialog Box
This dialog box lets you configure your secure FTP connection.
SSL/TLS Version—Select the version of the SSL/TLS protocol that you want to use for SSL/TLS connections to the server. The default version is Version 3. It is recommended that you do not use version 2 unless advised to do so.
Certificate Verification Errors—Selects the action that Hummingbird FTP takes during SSL negotiation when the host presents a certificate that cannot be verified.
- Connect (ignore errors)—Lets Hummingbird FTP establish the SSL connection.
- Do not connect—Does not let Hummingbird FTP establish the SSL connection. With this option, you can exempt two groups of verification errors by selecting Accept Self-Signed Server Certificates and/or Accept Unverified Server Certificates.
- Prompt for acceptance—Displays a list of certificate verification failures that includes the tests that the server certificate failed. With this option, you can choose to proceed with, or cancel, the connection.
Accept Self-Signed Server Certificates—This option is available only if you selected the Close Connection if SSL Negotiation Fails check box. Determines whether HostExplorer accepts certificates that have been signed by the organizations themselves rather than a CA. By default, this option is cleared.
Accept Unverified Server Certificates—This option is available only if you selected the Close Connection if SSL Negotiation Fails check box. Determines whether HostExplorer accepts from the server only the certificates that have been verified by a trusted certification authority (CA). If this option is checked, certain certification errors are ignored such as the certificate has expired, the certificate is not valid yet, and syntax errors. By default, this option is cleared.
Cipher Suites—Opens the SSL/TLS Ciphers dialog box corresponding to the SSL/TLS version that you specified in the Version list. In the dialog box, you can specify the cipher suites that HostExplorer and the server will use for data encryption.
Encrypt Data Channel—Lets you encrypt the data (the contents of the files or directories) being transferred between the FTP client and the server.
User Certificate Mode—Select from the following list of options:
- Prompt for User Certificate—If you select this item, the User Certificate Selection dialog box opens when you re-connect to the server using this session. This dialog box lets you select or create a user certificate for the SSL/TLS connection. This option is ideal for administrators who want different users working on the same machine to select their own user certificates.
- Select User Certificate—Lets you select a user-specific certificate that you created or imported in the User Certificates store. Click Browse to specify a user certificate that you want to use to connect to the host.
- No User Certificate—Lets you connect without using a user certificate. By default, this option is selected.
Certificates and Keys Manager—Opens the Certificates and Keys Management Console which you can use to create and manage keys and certificates.