Table of Contents

Search

  1. Preface
  2. Introduction
  3. Dashboard
  4. Resources
  5. Workflows
  6. Task Reference
  7. Services Overview
  8. Users
  9. Logs and Reports
  10. Encryption
  11. System
  12. Appendix
  13. Glossary Terms

SSL Tab

SSL Tab

SSL Enabled
From the drop-down list, select the appropriate option:
  • Yes - A Secure Socket Layer is used to secure transmissions
  • No - Transmissions are not secured with SSL
SSL Protocol
From the drop-down list, select the appropriate option:
  • SSL - A traditional Secure Socket Layer protocol is used to secure the transmission
  • TLS - A new version of SSL, Transport Layer Security will be used to secure the transmission (default)
Enabled SSL Protocols
Specify a comma separated list of SSL/TLS protocol versions to allow. For example, to enable TLS 1.1 and TLS 1.2 only, specify TLSv1.1, TLSv1.2. Likewise, to enable all versions of SSL/TLS, specify SSLv3,TLSv1,TLSv1.1,TLSv1.2.
Algorithm
This field displays the certificate encoding algorithm. The field is pre-populated based on your installation. The available options are:
  • IbmX509 - Only used for IBM based installations
  • SunX509 - Used for Sun and most other installations
Client Authentication
This determines how the client will authenticate with the server.
  • None - The SSL connection runs without checking certificates and the User is authenticated with a password. If any of the information being transmitted requires a certificate, the connection will fail.
  • Optional - The SSL connection looks for a valid certificate, but continues with password authentication if a certificate is not present.
  • Required - The SSL connection will not connect or authenticate a User unless a valid certificate is available.
Enabled Cipher Suites
By default all Cipher Suites are enabled to provide the most options between different clients and servers. Although encrypted, the cipher suite automatically selected by the connection may not be the most secure. This list allows you to limit which ciphers are used. Follow the instructions below to select which Cipher Suites are used:
  1. In the left column, click to select (highlight) the Cipher Suites to use. Multiple entries can be selected by pressing the Ctrl or Shift key while clicking the mouse.
  2. When the desired Cipher Suites are selected, click the arrow between the group boxes to move the Cipher Suites from left to right.
Key Store File
This file contains the private key and associated certificates that a client uses to authenticate to a server. There are default Key Store files provided with Managed File Transfer or you can create your own. Type the name or click the icon to browse for the file.
Key Store Password
The password to use for accessing the key store.
Key Store Type
The type of key store. Managed File Transfer supports both the JKS (Java Key Store) and PKCS12 (Public-Key Cryptography Standards) key store types.
Key Store Provider
Based on your installation, not all the providers may be available. The correct Key Store Provider is loaded during the installation. However, if you need specify a provider, from the drop-down list select the appropriate option:
  • IBMJCE - The IBM Java Cryptographic Extension is the export compliant variation of the SUN provider for IBM
  • IBMi5OSJSSE Provider - The IBM i5/OS Java Secure Socket Extension provides an RSA layer to the cryptology for IBM systems running the i5/OS
  • SUN - The classic Java cryptographic service
  • SUNJSSE - The Java Secure Socket Extension provides an RSA layer to the cryptology
  • SUNJCE - The Java Cryptographic Extension is the export compliant variation of the SUN provider
  • SUNMSCAPI - The Java implementation of the Microsoft Cryptography API
  • BC - The Bouncy Castle provider is a new export compliant set of algorithms for the Java Framework including RSA, DSA, x509
Key Alias
The key alias identifies a key pair and its associated certificate from all the ones within a Key Store. If no alias is specified, the Key Store opens the first file in the key store. Type the name or click the icon to browse for an Alias.
Export Head Certificate
Exports the head certificate of the selected Key Alias to your internet browser's default download directory.
Trust Store File
The Trust Store File contains the public keys and certificates used by a server to authenticate a client. There are default Trust Store files provided with Managed File Transfer or you can create your own. Type the name or click the icon to browse for the file.
Trust Store Password
The password to use for accessing the Trust Store.
Trust Store Type
The type of trust store. Managed File Transfer supports both the JKS (Java Key Store) and PKCS12 (Public-Key Cryptography Standards) trust store types.
Trust Store Provider
Based on your installation, not all the providers may be available. The correct trust store provider is loaded in the installation. However, if you need specify a provider, from the drop-down list select the appropriate option:
  • IBMJCE - The IBM Java Cryptographic Extension is the export compliant variation of the SUN provider for IBM
  • IBMi5OSJSSE Provider - The IBM i5/OS Java Secure Socket Extension provides an RSA layer to the cryptology for IBM systems running the i5/OS
  • SUN - The classic Java cryptographic service
  • SUNJSSE - The Java Secure Socket Extension provides an RSA layer to the cryptology
  • SUNJCE - The Java Cryptographic Extension is the export compliant variation of the SUN provider
  • SUNMSCAPI - The Java implementation of the Microsoft Cryptography API
  • BC - The Bouncy Castle provider is a new export compliant set of algorithms for the Java Framework including RSA, DSA, x509

0 COMMENTS

We’d like to hear from you!