68 • Configuration HP NonStop SSL Reference Manual
See also
MAXVERSION
PASSIVE
Use this parameter to define the direction of the data socket connection in FTPC mode
Parameter Syntax
PASSIVE mode
Arguments
mode
1 for passive mode, 0 for active mode.
Default
The default for this parameter is 1 (passive mode enabled).
Considerations
• This parameter is only relevant in the FTPC run mode of HP NonStop SSL
• In FTP, the data socket connection request can be made by the FTP client ("passive mode") or by the FTP
server ("active mode"). The best choice for your environment depends on the capabilities of the FTP server you
are communicating with and on your firewall settings.
• HP NonStop SSL in FTPS mode currently only supports passive mode, therefore to interact with HP NonStop
SSL in FTPS mode, make sure to set the PASSIVE parameter to 1 for HP NonStop SSL running in FTPC mode.
PEERCERTCOMMONNAME
Use this parameter to enforce verification of the content of remote certificates presented to HP NonStop SSL.
Parameter Syntax
PEERCERTCOMMONNAME commonname
Arguments
commonname
the expected common name of the remote certificate.
Default
The default for this parameter is '*' which means the content will not be verified.
Examples
PEERCERTCOMMONNAME tandem1.mycompany.com
Considerations
• This parameter should not be used together with the parameter PEERCERTFINGERPRINT as behavior may be
unpredictable then.
• If other than '*', the actual common name of the remote certificate will be compared against the content of the
parameter.
• If the actual value of the common name in the remote certificate is part of the value configured in the parameter,
it will be accepted. This allows configuring a list of common names.
To Next Page
Loading...
