8.4.2 Connect using End-to-End Encryption in 3270 SSL/TLS Sessions

End-to-end encryption tunnels a direct SSL/TLS connection to the host, while still connecting through the Security Proxy Server. These connections require two certificates and SSL/TLS handshakes — one for the client/proxy server connection and another for the client/host connection. Without end-to-end encryption, only data between the client and proxy server is encrypted.

Before you create a connection, review the Requirements for connections through the Security Proxy and Getting to the Reflection Desktop Security Settings.

To configure a session with end-to-end encryption, see the instructions for creating secure sessions in the Management and Security Server Administrator Guide in the Host Access Management and Security Server Documentation.

NOTE:You can modify the level of security by adjusting the SSL protocol version and encryption key-strength setting. Click PKI Manager to add the Certificate Revocation List (CRL) and Online Certificate Status protocols (OCSP) to certificate validation.