Field | Description |
---|---|
Network Profile |
Enter a name for the Network Profile. The Profile name must be unique in the Network Profile database. |
Origin address/ Port |
Enter the originating address and Port number that this Profile is associated with. |
Destination address/ Port |
Enter the destination address and Port number that this Profile is associated with. |
Network type |
Select the Network type:
|
Network security |
Select the type of security required for this Profile:
|
Security Profile |
Select the Security Profile to associate with this Network Profile. |
If Communication is set to X.25: |
|
User Data |
Enter user data. Used for X.25 networks. |
For outbound connections,by default Gateway uses the predefined HTTP template remote site. For HTTPS exchanges, you must define a security profile for the template site. However, since HTTPS uses the same default site as HTTP, it is impossible to have both HTTP and HTTPS outbound connections at the same time using the standard Gateway configuration.
To allow the association of any number of security profiles for an outbound protocol, make a copy of the default remote site in Gateway and configure it to use the desired security profile. You can then override the default outgoing site with the new one you defined. To implement the override you use the peltrans command with the –da option (-da = destination site alias).
Field | Description |
---|---|
Name |
Enter a name for the TLS Profile. The Profile name must be unique in the Network Profile database.
For this example enter HTTPS_OUT |
Profile type | Select CLIENT from the drop-down list. |
Client authentication | Select TLS_AUT_ANONYMOUS from the drop-down list. |
Accepted SSL versions |
Select both of the options:
|
Accepted cipher suites |
Leave the default Accepted cipher suites for this example. |
Accepted authorities | (Disabled for client mode.) |
Certificate templates |
There are no certificate templates to provide for this example. |
Trust hosted certificates only | Do not select this option for use with PassPort. |
Automatic import of partner certificate chains | Do not select this option for use with PassPort. |
Select single certificate | Do not select a certificate for use with PassPort. |
Field | Description |
---|---|
Cache enabled | Select this option. |
Regenerate enabled | Select this option. |
Exit scheduling | Do not select this option. |
Close notify disabled (FTP and HTTP) | Select this option. |
Certificate path |
Enter the maximum number of certificates accepted in a certification chain. Any certification chain that contains more elements is rejected. Enter 7 for this example. |
User param | Do not use this field. |
FTP /SMTP / HTTP section | |
Connection securing mode | Select Explicit from the drop-down list. |
Global session policy |
This field is only available if you set the Connection securing mode to Explicit. Select Mandatory from the drop-down list. |
FTP data session policy |
This field is only available if you set the Connection securing mode to Explicit. Select Mandatory from the drop-down list. |
Field | Description |
---|---|
Local entity section | |
Name | Enter the local entity name for access to the PassPort PS server. |
Password | Enter the entity password. |
Confirmation | Confirm the entity password. |
Partner entity section | |
Name | Do not complete this field. |