HCL Traveler Companion security settings

There are security settings available that control how Companion connects to the HCL Traveler server and how attachments in encrypted mails can be used on the mobile device.

These options are controlled by a setting called NTS_COMPANION_POLICY that can be added to the notes.ini on the HCL Traveler server. The HCL Traveler server must be restarted after these settings are saved to notes.ini.
Table 1.
Notes®.ini setting name Values Description
NTS_COMPANION_POLICY nountrustedcert

Deprecated. In HCL Companion, starting with version 12.0.2, this policy setting is ignored. HCL Companion no longer supports connecting to a Traveler server endpoint over a non-ssl connection or a connection with an untrusted or expired SSL certificate.

In HCL Companion prior to version 12.0.2, this setting could be used to prevent the Companion application from connecting to any server using an untrusted or expired SSL certificate. If this setting is present and Companion detects an untrusted or expired SSL certificate, then the Apple device user will receive an error indicating that a connection cannot be made because of an untrusted server. If this setting is not present, then Companion will warn the user that an untrusted server was detected, but it will give the user the choice to cancel or continue with the connection to the HCL Traveler server.

noexport Prevents attachments within encrypted mail from being printed, or exported to or viewed by any third party application on the Apple device. By setting this policy, only attachments that are viewable using Apple built-in viewers can be opened on the Apple device. If this setting is not present, then attachments can be opened by third party applications installed on the Apple device that support this type of attachment.
NTS_COMPANION_POLICY can have multiple values by separating the values with a comma. For example, to include both of the new options, use the following in notes.ini:
NTS_COMPANION_POLICY=nountrustedcert,noexport