TLS / SSL Connection Tab
On this page
The TLS / SSL tab allows you to connect deployments with TLS / SSL. For more information on TLS / SSL, see TLS Options
Procedure
1
3
Click the TLS / SSL tab.
You can leave TLS unset with the Default option or set the TLS / SSL
connection On or Off.
Option | Description |
|---|---|
Default | The Default option leaves the TLS option unset. The
Default / unset TLS /SSL option is enabled when using a
DNS seedlist
(SRV)
in the connection string. To learn more about the additional options
available, see Additional TLS / SSL Options. |
On | Select the On option when using a DNS seedlist (SRV) in the
connection string. When TLS / SSL Connection is On, you can
specify additional certificate options for your connection string.
To see more on the additional certificate options available, see
Additional TLS / SSL Options. |
Off | The Enable TLS / SSL to avoid security vulnerabilities. |
Additional TLS / SSL Options
When TLS is On you can specify the following:
Option | Description |
|---|---|
Certificate Authority | One or more certificate files from trusted Certificate Authorities
to validate the certificate provided by the deployment. |
Client Certificate | Specifies the location of a local .pem file that contains either
the client's TLS/SSL X.509 certificate or the client's TLS/SSL
certificate and key. |
Client Key Password | If the Client Private Key is protected with a password,
you must provide the password. |
tlsInsecure | Disables various certificate validations. |
tlsAllowInvalidHostnames | Disables hostname validation of the certificate presented by
the the deployment. |
tlsAllowInvalidCertificates | Disable the validation of the server certificates. |
Warning
Enabling tlsInsecure, tlsAllowInvalidHostnames, and
tlsAllowInvalidCertificates may cause a security vulnerabilty.
4