Dell Wyse 3020 Wyse ThinOS Version 8.5 INI Reference Guide - Page 27

For Example: FileServer, SecurityMode, Security process includes, LogLevel

Get Dell Wyse 3020 PDF manuals and user guides View all Dell Wyse 3020 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 27 highlights

FormURL=URL to a file HealthCastServer=vip list [LogLevel={0, 1, 2 ,3}] [SecurityMode={default, full, warning, low}] [ClientCertificate=certificate file name] of the three modes. The option SecurityMode specifies these security modes. SecurityMode - Specifies the security level for the file server during client verification of the server certificate. This option is only valid when connecting to an https file server. When configuring the https file server, the Username and Password options of the FileServer parameter can be omitted. Use the following guidelines: • Set SecurityMode=Full to have the client verify the server certificate in highest security mode; if any error occurs during verification, the client will not connect to the server and a popup message is displayed. • Set SecurityMode=Warning to have the client provide a warning when the client cannot verify the server certificate, but still allow the user to select to continue client connection to the server. • Set SecurityMode=Low to indicate that the client allows connection without any certificate verification. • Set SecurityMode=Default to indicate that the client follows SecurityPolicy settings to check certificate. • Default value of the setting is Default. If the settings are factory default or if you are upgrading to ThinOS 8.3 for the first time, the value is temporarily set to None. After loading any INI, it goes to default. • If the security mode value in WNOS.INI is not the same as the one saved in Client NVRAM, client shows a reboot dialog box. NOTE: Security process includes: 1 Verification that certificate has a valid date 2 Verification that Issuer is valid and correct 3 Certificate verification passes 4 CN and SAN on the certificate matches the DNS naming For Example: FileServer=https://10.151.122.66:444 SecurityMode=warning. Specifies the URL to the name of a bitmap file (.ico, .bmp, .jpg, or .gif), to be displayed in the sign-on window, residing under the thin client home directory. The length of the path, including the home directory and the file, is limited to 128 characters. If auto dialup is enabled, this statement is invalid. Specifies a list of VIP addresses with optional TCP port number of HealthCast servers. LogLevel-The option LogLevel is for debug purpose; 0 means no log. SecurityMode -Specifies the SSL certification validation policy. If set to default, it will apply SecurityPolicy setting. If set to full, the SSL connection needs to verify server certificate. If it is untrusted, then drop the connection. If set to warning, the SSL connection needs to verify server certificate. If it is untrusted, you may still continue or drop the connection. If set to low, the server certificate will not be checked. The value will be persistent, and the default value of the setting is default. ClientCertificate -The option specifies the client certificate file name during SSL connection between Healthcast server and client. Parameters for wnos INI files only 27

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
of the three modes. The option SecurityMode
specifies
these
security modes.
SecurityMode
Specifies
the security level for the
file
server
during client
verification
of the server
certificate.
This option is only
valid when connecting to an https
file
server.
When
configuring
the https
file
server, the Username and
Password options of the FileServer parameter can be omitted. Use
the following guidelines:
Set SecurityMode=Full to have the client verify the server
certificate
in highest security mode; if any error occurs during
verification,
the client will not connect to the server and a pop-
up message is displayed.
Set SecurityMode=Warning to have the client provide a
warning when the client cannot verify the server
certificate,
but
still allow the user to select to continue client connection to the
server.
Set SecurityMode=Low to indicate that the client allows
connection without any
certificate
verification.
Set SecurityMode=Default to indicate that the client follows
SecurityPolicy settings to check
certificate.
Default value of the setting is Default. If the settings are factory
default or if you are upgrading to ThinOS 8.3 for the
first
time,
the value is temporarily set to None. After loading any INI, it
goes to default.
If the security mode value in WNOS.INI is not the same as the
one saved in Client NVRAM, client shows a reboot dialog box.
NOTE:
Security process includes:
1
Verification
that
certificate
has a valid date
2
Verification
that Issuer is valid and correct
3
Certificate
verification
passes
4
CN and SAN on the
certificate
matches the DNS
naming
For Example: FileServer=https://10.151.122.66:444
SecurityMode=warning.
FormURL=URL to a
file
Specifies
the URL to the name of a bitmap
file
(.ico, .bmp, .jpg,
or .gif), to be displayed in the sign-on window, residing under the
thin client home directory. The length of the path, including the
home directory and the
file,
is limited to 128 characters. If auto dial-
up is enabled, this statement is invalid.
HealthCastServer=vip list
[LogLevel={0, 1, 2 ,3}]
[SecurityMode={default, full, warning, low}]
[ClientCertificate=certificate
file
name]
Specifies
a list of VIP addresses with optional TCP port number of
HealthCast servers.
LogLevel
—The option LogLevel is for debug purpose; 0 means no
log.
SecurityMode
—Specifies
the SSL
certification
validation policy. If
set to default, it will apply SecurityPolicy setting. If set to full, the
SSL connection needs to verify server
certificate.
If it is untrusted,
then drop the connection. If set to warning, the SSL connection
needs to verify server
certificate.
If it is untrusted, you may still
continue or drop the connection. If set to low, the server
certificate
will not be checked. The value will be persistent, and the default
value of the setting is default.
ClientCertificate
—The option
specifies
the client
certificate
file
name during SSL connection between Healthcast server and client.
Parameters for wnos INI
files
only
27