Skip to content

Permissions Manager Items in 3270 Printer Connection Security


These items are found in the Security Properties Dialog Box.

Item User interface Description
SSLValidateCertChain Retrieve and validate certificate chain
Specifies whether certificates presented for host authentication are checked to determine if they are valid and signed by a trusted CA.
TelnetEncryption Use SSL/TLS Security
Enables SSL/TLS connections. You must select this before you can set other values in the SSL/TLS section.
TelnetEncryptionDisableCRLCheck Use CRL
Specifies whether your client session checks for certificate revocation using CRLs (Certificate Revocation Lists) when validating host certificates. CRLs may be specified in the CDP extension of the certificate itself. You can also specify CRL using the LDAP tab in the Reflection Certificate Manager.
TelnetEncryptionStrength Encryption Strength
Specify the desired level of encryption for SSL/TLS connections. The connection fails if this level cannot be provided.
TelnetEncryptionUseOCSP Use OCSP
Specifies whether your client session checks for certificate revocation using OCSP (Online Certificate Status Protocol) responders when validating host certificates. OCSP responders may be specified in the AIA extension of the certificate itself. You can also specify OCSP responders using the OCSP tab in the Reflection Certificate Manager.
TelnetEncryptionVerifyHostname Certificate host name must match host being contacted
Specifies whether host name matching is required when validating host certificates. When this is enabled (the default), the host name you configure for your session must exactly match a host name or IP address entered in either the CommonName or the SubjectAltName field of the certificate.
TelnetUseHttp HTTP proxy
Specifies to use an HTTP proxy server.
TelnetUseReflectionSecurityProxy Use security proxy
Specifies to use the Security Proxy application available as part of the Host Access Management and Security Server (MSS) product.
TelnetUseSocks SOCKS Proxy
Specifies to use a SOCKS proxy server.
TLSE2EStrength End-to-End SSL/TLS (Client to proxy to destination host)
This setting is only viewable from the MSS Administrative console (available for 5250, 3270, and VT sessions). This option tunnels a direct SSL/TLS connection to the host, while still connecting through the Security proxy.
When you run in FIPS mode, all connections are made using security protocols and algorithms that meet FIPS 140-2 standards. In this mode some standard connection options are not available.
TLSProxyDestHost Configure
Opens the Configuration dialog box, in which you can enter the server address and other settings.
TLSSSLVersion SSL/TLS version
Specifies which SSL or TLS version to use.