5.14.4 Configure SSL/TLS Security (6530)

Getting there

Open a 6530 terminal session.

The steps depend on your user interface mode.

User Interface Mode	Steps
Ribbon or Reflection Browser	With a session open in Reflection, from the Quick Access Toolbar, click .
TouchUx	Tap the Gear icon and then select Document Settings.

Under Host Connection, click Configure SSL/TLS Security.

This dialog box is used to configure a session for SSL/TLS security.

NOTE:For information about creating and editing macros, using file transfer, logging, and other features, see the 6530 Help available on the Session ribbon Help group.

Server Authentication

This item selects the type of server authentication to use for the connection. Note that you can select multiple types.

Check for valid CA signature	If checked, the SSL/TLS Certificate is checked to verify that it has a valid CA signature.
Certificate host name must match host being contacted	If checked, the host name specified in the certificate must match the host name you are connecting to.
Perform CRL check	If checked, the certificate is checked against a Certificate Revocation List, and if the certificate has been revoked, the connection will fail.

Client Certificate

If you require both host and client authentication, fill in this area.

Provide client certificate	If checked, the client certificate specified in the Client certificate file box will be sent to the host.
Client certificate file	Enter the client certificate filename and path, or click on the Browse button to start a file open dialog.
Client certificate file password	If the client certificate file has a password, enter it here.

Secure File Transfer

This section is used to enable SSL/TLS (FTPS) for file transfers using the built-in FTP client.

Use FTPS

Check this item if you want to use FTPS to secure FTP sessions using the built-in FTP client.

Port

Enter the port number to use for FTPS sessions using the built-in FTP client.

SSL/TLS logging

Select whether or not to do diagnostic logging of the session, and what level of logging should be done.

Leave the default (None) selected unless you have a problem with the connection.

The resulting log file, named SSLLog.log can be sent to support to help diagnose the problem. The log file is placed in the configuration directory, normally Documents\Micro Focus\Reflection\HPNonstop\Logs.

If Negotiation Only Data is selected the log file contains data related to the establishment of the session, and does not contain any sensitive data such as passwords.

If Negotiation and Session Data is selected the log file contains all data, including passwords. Since most SSL/TLS issues occur during negotiations this setting should only be selected if the session drops after negotiations are complete.