SSL Settings dialog box

Type of client certificate on the local computer that provides server identity, certificate, and public key information to clients that try to establish a connection. The options are:

• User (default)—For Windows, choose if the certificate store is a certificate store owned by the current User Profile. For Java, choose if the certificate store is the name of a JKS (Java Key Store) file. If the provider is OpenSSL, choose if the certificate store is a file that contains the PEM encoded certificate and private key.
• Machine—Certificate store is a machine store. This option is not available in Java or when provider is OpenSSL.
• PFX File—Certificate store is the name of a Private Key Server or PFX (PKCS12) file containing certificates. If the provider is OpenSSL, the file may contain only one certificate and private key.
• PFX Blob—Certificate store is a string (binary or base64 encoded) representing a certificate store in PFX (PKCS12) format.
• PEM Key—Certificate store is a string or file name that contains a Privacy Enhanced Mail (PEM) encoded certificate and private key. This store type is currently not supported in Java.

Name of the certificate store for the client certificate on the local machine. The storage location is called the certificate store. A certificate store will often have numerous certificates, possibly issued from a number of a different certification authorities. The options are:

• MY—Certificate store holding personal certificates with their associated private keys.
• CA—Certificate store holding Certifying Authority (CA) certificates.
• ROOT—Certificate store holding ROOT certificates.
• SPC—Certificate store holding Software Publisher Certificate (SPC) certificates.
• Other—Other Certificate Store not listed above.
• If your Certificate Store Type is PFX File, enter the name of the file here.
• If your Certificate Store Type is PFX Blob, enter the binary contents here.
• If you are using OpenSSL, enter the name of the file containing a certificate and a private key.

Password for the certificate store on the local computer, if one is required.

If selected, the HTTPS server uses OpenSSL as a certificate authority.

If deselected, the server uses SSL.

Default value: Deselected

String that controls the ciphers to be used by SSL. The cipher list consists of one or more cipher strings separated by colons.

Name of the file containing the list of certificate authorities (CAs) trusted by your application. The file set by this property should contain a list of CA certificates in PEM format.

Path to a directory containing CA certificates. The path set by this property should point to a directory containing CA certificates in PEM format.

Indicates the supported security protocols on the HTTPS server. The options are:

• TLS1—Version 1 of the Transport Layer Security (TLS) protocol.
• SSL3—Version 3 of the Secure Sockets Layer (SSL) protocol.
• SSL2—Version 2 of the Secure Sockets Layer (SSL) protocol.
• PCT1—Version 1 of the Private Communications Transport (PCT) protocol.

Note: Although a number of sites still support SSL2, Nuance recommends that you disable it because of potential security vulnerabilities.

Click to test the connection to the HTTPS (SSL) server.