| Name | Value |
|---|---|
| TLS_CIPHERS_DEFAULT | n/a |
| TLS_CIPHERS_OLD | n/a |
| TLS_CIPHERS_CUSTOM | n/a |
Table 5.29. Constants for cipher selection
| Name | Value |
|---|---|
| TLSV1_3_CIPHERS_DEFAULT | n/a |
| TLSV1_3_CIPHERS_CUSTOM | n/a |
Table 5.30. Constants for TLSv1.3 cipher selection
| Name | Value |
|---|---|
| TLS_SHARED_GROUPS_DEFAULT | n/a |
| TLS_SHARED_GROUPS_CUSTOM | n/a |
Table 5.31. Constants for shared group selection
| Name | Value |
|---|---|
| TLS_HSO_CLIENT_SERVER | Perform the TLS-handshake with the client first. |
| TLS_HSO_SERVER_CLIENT | Perform the TLS-handshake with the server first. |
Table 5.32. Handshake order.
| Name | Value |
|---|---|
| TLS_NONE | Disable encryption between Vela and the peer. |
| TLS_FORCE_TLS | Require encrypted communication between Vela and the peer. |
| TLS_ACCEPT_STARTTLS | Permit STARTTLS sessions. Currently supported only in the Ftp, Smtp and Pop3 proxies. |
Table 5.33. Client connection security type.
| Name | Value |
|---|---|
| TLS_NONE | Disable encryption between Vela and the peer. |
| TLS_FORCE_TLS | Require encrypted communication between Vela and the peer. |
| TLS_FORWARD_STARTTLS | Forward STARTTLS requests to the server. Currently supported only in the Ftp, Smtp and Pop3 proxies. |
Table 5.34. Server connection security type.
| Name | Value |
|---|---|
| TLS_TRUST_LEVEL_NONE | Accept invalid for example, expired certificates. |
| TLS_TRUST_LEVEL_UNTRUSTED | Both trusted and untrusted certificates are accepted. |
| TLS_TRUST_LEVEL_FULL | Only valid certificates signed by a trusted CA are accepted. |
Table 5.35. Constants for trust level selection.
| Name | Value |
|---|---|
| TLS_INTERMEDIATE_REVOCATION_NONE | Ignore result of CA certificate revocation status check. |
| TLS_INTERMEDIATE_REVOCATION_SOFT_FAIL | Check every CA certificate revocation state in the certificate chain. Uncertainty is tolerated. |
| TLS_INTERMEDIATE_REVOCATION_HARD_FAIL | Check every CA certificate revocation state in the certificate chain. Uncertainty is not tolerated. |
Table 5.36. Constants for intermediate certificates revocation check type.
| Name | Value |
|---|---|
| TLS_LEAF_REVOCATION_NONE | Ignore result of leaf certificate revocation status check. |
| TLS_LEAF_REVOCATION_SOFT_FAIL | Check the revocation state of the leaf certificate. Uncertainty is tolerated. |
| TLS_LEAF_REVOCATION_HARD_FAIL | Check the revocation state of the leaf certificate. Uncertainty is not tolerated. |
Table 5.37. Constants for leaf certificate revocation check type.
Published on February 29, 2024
© BalaSys IT Ltd.
Send your comments to support@balasys.hu
