Security Folder—SSL/TLS Category

HostExplorer

Security Folder—SSL/TLS Category

3270 5250 VT

In the SSL/TLS category, you can set security options specific to the SSL/TLS protocol. You must first select SSL/TLS in the General category of the Security folder and you must not currently be connected to a session

SSL/TLS Options

Version—Select the version of the SSL/TLS protocol that you want to use for SSL/TLS connections to the server. The default version is Version 3. It is recommended that you do not use version 2 unless advised to do so.

Negotiate Via TelnetSpecifies how to initiate SSL/TLS connectivity. Select this option to configure HostExplorer to negotiate Transport Layer Security (TLS) options through Telnet. Clear this option to enable HostExplorer to request SSL/TLS immediately without Telnet option negotiation. By default, this option is cleared.

Close Connection if Negotiation Fails—Determines whether HostExplorer should terminate the connection if the SSL/TLS negotiation fails. By default, this option is cleared.

Accept Unverified Server CertificatesThis option is available only if you selected the Close Connection if SSL Negotiation Fails check box. Determines whether HostExplorer accepts from the server only the certificates that have been verified by a trusted certification authority (CA). If this option is checked, certain certification errors are ignored such as the certificate has expired, the certificate is not valid yet, and syntax errors. By default, this option is cleared.

Accept Self-Signed Server Certificates—This option is available only if you selected the Close Connection if SSL Negotiation Fails check box. Determines whether HostExplorer accepts certificates that have been signed by the organizations themselves rather than a CA. By default, this option is cleared.

Cipher Suites—Opens the SSL/TLS Ciphers dialog box corresponding to the SSL/TLS version that you specified in the Version list. In the dialog box, you can specify the cipher suites that HostExplorer and the server will use for data encryption.

User Authentication

Note: 
  This area is only available if SSL/TLS is installed.

User Certificate Mode—Select from the following list of options:

Prompt for User Certificate—If you select this item, the User Certificate Selection dialog box opens when you re-connect to the server using this session. This dialog box lets you select or create a user certificate for the SSL/TLS connection. This option is ideal for administrators who want different users working on the same machine to select their own user certificates.

Select User Certificate—Lets you select a user-specific certificate that you created or imported in the User Certificates store. Click Browse to specify a user certificate that you want to use to connect to the host.

No User Certificate—Lets you connect without using a user certificate. By default, this option is selected.

Certificates and Keys Manager—Opens the Certificates and Keys Management Console which you can use to create and manage keys and certificates.


Related Topics

Overview—Hummingbird Connectivity SSL

Negotiating SSL/TLS Communication

Selecting Cipher Suites

Certificate Information Window

About Certificates and Keys Manager