Difference: APPXClientEncryption (9 vs. 10)

Revision 102008-09-17 - SteveFrizzell

Line: 1 to 1
 
META TOPICPARENT name="APPX500Features"

APPX Desktop Client Encryption

Changed:
<
<		Effective with Release 5.0.0, the APPX Desktop Client includes an option to enable SSL encryption for APPX Desktop Client sessions.
>
>		Effective with Release 5.0.0, the APPX Desktop Client includes an option to enable SSL encryption for "Remote" APPX Desktop Client sessions.
 
Changed:
<
<		Release 5.0.0 or higher of the APPX Desktop Client allows SSL encryption to optionally be enabled for "Remote" APPX Desktop Client sessions connecting to APPX 5.0.0 or higher.  The APPX Desktop Client SSL encryption feature encrypts all data transmitted between the APPX Desktop Client and the APPX server including login ID, password, all session data, all reports printed by the client, and all files transferred between the client and the server.  The APPX Desktop Client can only establish an encrypted SSL connection with an APPX Login Manager that has been properly configured to accept SSL connection requests from the various types of APPX clients.  The APPX Login Manager may be configured to require that the APPX Desktop Client must use SSL encryption.  Furthermore, the APPX Login Manager may require that the APPX Desktop Client identify itself by providing an acceptable SSL certificate [Note: This feature is not yet implemented by the APPX Desktop Client].
>
>		Release 5.0.0 or higher of the APPX Desktop Client allows SSL encryption to optionally be enabled for "Remote" APPX Desktop Client sessions connecting to APPX 5.0.0 or higher.  The APPX Desktop Client SSL encryption feature encrypts all data transmitted between the APPX Desktop Client and the APPX server including login ID, password, all session data, all reports printed by the client, and all files transferred between the client and the server.  The APPX Desktop Client can only establish an encrypted SSL connection with an APPX Login Manager that supports and that has been properly configured to accept SSL connection requests from the various types of APPX clients.  The APPX Login Manager on the APPX Server may be configured to require that the APPX Desktop Client must use SSL encryption.  Furthermore, the APPX Login Manager may require that the APPX Desktop Client identify itself by providing an acceptable SSL certificate [Note: This feature is not yet implemented by the APPX Desktop Client].
 

APPX Desktop Client SSL Preferences

Changed:
<
<		The APPX Desktop Client provides five preferences (parameters) relating to SSL connection requests. 
>
>		The APPX Desktop Client provides five preferences (parameters) relating to SSL connection requests.  Depending on the value specified for SSLMode, the other SSL preferences may not always be relevant.

The APPX Desktop Client has two different handshake protocols.

  • Pre-5.0 Handshake - Used by all APPX Desktop Client versions prior to Version 5.0.0 to initiate a connection with a version 5 APPX Login Manager.  This is the only handshake protocol that can be used by APPX Desktop Client versions prior to version 5.0.0.  APPX Desktop Client versions prior to version 5.0 can only establish "clear text" connections with the
  • 5.0 Handshake - Used by all APPX Desktop Client versions starting with Version 5.0.0 to initiate a connection with a version 5 APPX Login Manager.

The following chart shows the types of connections that are technically possible for the various combinations of versions of the APPX Desktop Client and APPX Server.  Please note that while it is technically possible for a client version prior to 5.0 to connect to an APPX version of 5.0 or higher, this combination is not recommended or supported since we do not guarantee upward compatibility of old client versions with newer APPX Server versions.

Client/APPX Versions APPX-Prior to 5.0  APPX-5.0 & Higher
Client - Prior to 5.0 Text Only Text Only
Client - 5.0 & Higher Text Only Text or SSL
 

SSLMode

  1. Required - When this option is specified, the APPX Desktop Client will attempt to establish an SSL connection with the APPX Login Manager on the APPX server.  If the APPX Login Manager is an older version that does not support SSL connections or if the APPX Login Manager is configured to not allow SSL connections, the client will display an error dialog informing the user that an SSL connection with the requested APPX server is not available.  In this case, the user has the option of cancelling the connection request or allowing the connection to proceed without enabling SSL encryption.
  2. Optional - This option is similar to the Required option.  However, in the event that an SSL connection cannot be established, the client will automatically connect without enabling SSL and without notifying the user.
Line: 18 to 28
 
  1. Pre43 - Do not perform any SSL notification to the target server. This can speed up connections to older builds of APPX Connection managers, such as appxdsvc.exe, winappxd, and appxd that did not have SSL capabilities.

SSLAnonAllowed

Changed:
<
<		This preference determines whether or not the APPX Desktop Client is allowed to connect to an APPX Server that does not have a signed SSL certificate.
>
>		This preference determines whether or not the APPX Desktop Client is allowed to connect to an APPX Server that does not have an SSL certificate signed by a trusted authority such as Verisign or Thawte.
 
  1. True - The connection is allowed
  2. False - The connection is not allowed

SSLMismatchAllowed

Line: 33 to 43
 
  1. False - The connection is not allowed

SSLHandshakeTimeout

Changed:
<
<		This preference specifies the length of time in seconds that the client is to wait after attempting to establish an SSL connection with the APPX Login Manager.  If the specified amount of time passes without establishing an SSL connection, then the SSLMode preference will determine what additional action, if any, takes place.
>
>		This preference specifies the length of time in seconds that the client is to wait after attempting to establish an SSL connection with the APPX Login Manager.  If the specified amount of time passes without establishing an SSL connection, then the connect request will fail.  This handshake timeout only applies when the client is attempting to
 
  1. An integer 0 through 10, with the default being 3.

APPX Connection Manager SSL parameters.

View topic | History: r27 < r26 < r25 < r24 | More topic actions...
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback