Specifying SSL settings for a desktop policy

Use the SSL tab of the Desktop Settings document to manage Secure Sockets Layer (SSL) behavior for users of the policy.

Procedure

On the SSL tab, complete the following fields:
Table 1. Secure Sockets Layer (SSL) fields and actions

Field

Enter

Accept SSL Site certificates

Choose one:

  • Yes to allow the server to accept the site certificate and use SSL to access an Internet server, even if the Domino® server does not have a certificate in common with the Internet server.
  • No to not allow this server to accept site certificates.

Accept expired SSL certificates

Choose one:

  • Yes to allow clients to access the server, even if the client certificate is expired.
  • No to not allow clients to access the server with expired client certificates.

SSL protocol version

Choose one:

  • V2.0 only to allow only SSL 2.0 connections.
  • V3.0 handshake to attempt an SSL 3.0 connection. If this fails and the requester detects SSL 2.0, then attempts to connect using SSL 2.0.
  • V3.0 only to allow only SSL 3.0 connections.
  • V3.0 and V2.0 handshake to attempt an SSL 3.0 connection, but start with an SSL.2.0 handshake, which displays relevant error messages. Makes an SSL 3.0 connection, if possible.
  • Negotiated (default) to attempt an SSL 3.0 connection. If it fails, the server attempts to use SSL 2.0. Use this setting unless you are having connection problems caused by incompatible protocol versions.
    Note: Domino® does not use this field for HTTP
    .