Using the Redirector :: Encryption
Encryption uses one of five ciphers and a cipher strength, both of which are negotiated when the SSL connection is established. The redirector includes support for:
Ciphers: RC2, RC4, DES, 3DES, and AES.
Cipher strengths: 40 bits to 256 bits.
Not all ciphers work with all strengths, and this is automatically managed when the network connection is negotiated.
In the Serial/IP Control Panel:
Click Advanced to get the Advanced Settings window.
Click the SSL Encryption tab.
To change the range of encryption strengths available (for all ciphers), change the selections in the drop-down lists for Minimum and Maximum.
To change the set of available ciphers, select/deselect check boxes in the Encryption Ciphers group. Your settings must make at least one cipher available.
Changes are reflected immediately in the Cipher Set Preview display. If no cipher sets appear, the configuration of strengths and ciphers must be corrected.
The default settings are 128-bit minimum strength, no limit on maximum strength (256 bits), and all ciphers selected. The resulting cipher sets are:
DHE-RSA-AES256-SHA DHE-DSS-AES256-SHA AES256-SHA EDH-RSA-DES-CBC3-SHA EDH-DSS-DES-CBC3-SHA DES-CBC3-SHA DHE-DSS-RC4-SHA RC4-SHA RC4-MD5 DHE-RSA-AES128-SHA DHE-DSS-AES128-SHA AES128-SHA EXP1024-RC2-CBC-MD5
EXP1024-DHE-DSS-RC4-SHA EXP1024-RC4-SHA EXP1024-RC4-MD5 EXP1024-DHE-DSS-DES-CBC-SHA EXP1024-DES-CBC-SHA EDH-RSA-DES-CBC-SHA EDH-DSS-DES-CBC-SHA DES-CBC-SHA EXP-RC2-CBC-MD5 EXP-RC4-MD5 EXP-EDH-RSA-DES-CBC-SHA EXP-EDH-DSS-DES-CBC-SHA EXP-DES-CBC-SHA
The available cipher sets are also determined by the server configuration. For multi-user sites, the server can effectively serve as a central point of control over the cipher sets for all redirectors that use it.
In the Serial/IP Port Monitor, the Activity display shows the cipher and strength being used for encrypted connections and the Trace panel shows additional information related to SSL/TLS.
These settings are global for the redirector.
The order in which cipher sets appear in the Cipher Set Preview does not affect their use when a connection is negotiated.
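To audit a list copied from the Cipher Set Preview against a chosen Minimum/Maximum range and cipher selection, the following added example (not part of the original documentation or the redirector's own logic) classifies each cipher set name and applies the same two filters. The key sizes are an assumption taken from OpenSSL suite-name conventions (EXP = 40 bits, EXP1024 = 56 bits, DES-CBC = 56, DES-CBC3 = 168, RC4 = 128), so the result may differ from what the redirector's preview shows; `classify` and `select` are hypothetical helper names.

```python
# Cipher set names as listed on this page (Cipher Set Preview, default settings).
PREVIEW = """
DHE-RSA-AES256-SHA DHE-DSS-AES256-SHA AES256-SHA EDH-RSA-DES-CBC3-SHA
EDH-DSS-DES-CBC3-SHA DES-CBC3-SHA DHE-DSS-RC4-SHA RC4-SHA RC4-MD5
DHE-RSA-AES128-SHA DHE-DSS-AES128-SHA AES128-SHA EXP1024-RC2-CBC-MD5
EXP1024-DHE-DSS-RC4-SHA EXP1024-RC4-SHA EXP1024-RC4-MD5
EXP1024-DHE-DSS-DES-CBC-SHA EXP1024-DES-CBC-SHA EDH-RSA-DES-CBC-SHA
EDH-DSS-DES-CBC-SHA DES-CBC-SHA EXP-RC2-CBC-MD5 EXP-RC4-MD5
EXP-EDH-RSA-DES-CBC-SHA EXP-EDH-DSS-DES-CBC-SHA EXP-DES-CBC-SHA
""".split()

# Assumed nominal key sizes for export-grade prefixes (OpenSSL naming).
EXPORT_BITS = {"EXP": 40, "EXP1024": 56}


def classify(suite):
    """Return (cipher, bits) for an OpenSSL-style cipher set name."""
    parts = suite.split("-")
    if "AES256" in parts:
        cipher, bits = "AES", 256
    elif "AES128" in parts:
        cipher, bits = "AES", 128
    elif "CBC3" in parts:            # DES-CBC3 is triple DES
        cipher, bits = "3DES", 168
    elif "DES" in parts:
        cipher, bits = "DES", 56
    elif "RC4" in parts:
        cipher, bits = "RC4", 128
    elif "RC2" in parts:
        cipher, bits = "RC2", 128
    else:
        raise ValueError("unrecognised cipher set name: " + suite)
    # An export prefix caps the key size regardless of the cipher.
    return cipher, EXPORT_BITS.get(parts[0], bits)


def select(suites, minimum=128, maximum=256,
           ciphers=("RC2", "RC4", "DES", "3DES", "AES")):
    """Keep the suites whose cipher is selected and whose strength is in range."""
    chosen = []
    for suite in suites:
        cipher, bits = classify(suite)
        if cipher in ciphers and minimum <= bits <= maximum:
            chosen.append(suite)
    return chosen


if __name__ == "__main__":
    for suite in PREVIEW:
        print("%-30s %-5s %3d bits" % ((suite,) + classify(suite)))
    print("within 128..256:", select(PREVIEW))
```

An empty list from `select` corresponds to the case described above where no cipher sets appear and the configuration must be corrected.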