The FTP / TLS Options category of the Session Options dialog allows you to control attributes of TLS connections . The TLS Options category only appears when you have selected FTP/TLS
as your Protocol.
Certificate group
SecureFX supports generating and using self-signed certificates, which allows mutual authentication.
Use global certificate
Checking this option instructs SecureFX to use the certificate specified in the Global Options / File Transfer / TLS dialog for this session.
Path
If you choose not to use the global certificate for this session, enter the path of the certificate you want SecureFX to use when authenticating.
Create...
Press this button to configure and generate a new certificate.
Certificate validation group
Standard certificate validation is on by default. Select Disabled to discontinue checking the validity of X.509 certificates. Select Manual to manually accept or reject an unrecognized X.509 certificate.
WARNING: It may leave you vulnerable to invalid certificates if you select Disable or Manual in an attempt to speed up your connection time.
Revocation checking enabled
Check this option to do revocation checking as part of the certificate validation.
WARNING: It may leave you vulnerable to invalid certificates if you select Disable or Manual in an attempt to speed up your connection time.
Revocation checking only uses cache
Check this option to do revocation checking only with the cached Certificate Revocation List (CRL).
Advanced group
Use CCC (Clear Command Channel) after authentication
This option tells SecureFX to transmit data over the control channel in an unencrypted form (i.e., clear text) after authentication. It may be necessary to enable this option when the local client machine is behind a firewall.
Use unencrypted data channel
This option tells SecureFX to transmit data over the data channel in an unencrypted form (i.e., clear text). The control channel, however, will remain encrypted even when this option has been turned on.
WARNING: The above options should only be used when absolutely necessary because selecting either of the above options will result in data being transmitted as clear text.
Related Topics