This page contains all necessary steps to define and use secure sessions (using cryptographed data).

Using Secure Sessions


TELNET secure sessions are those in which all communication data transmitted from emulator program to TELNET server, and vice-versa, are protected under cryptography. It can be based on SSL (Secure Socket Layer) or TLS (Transport Layer Security).

The basic difference between these two types of security (SSL or TLS) is that, on first case, the connection should be done to an secure port (like, for example, port 443 used on secure Web pages, accessed throught 'https://' prefix), while in the second case, any regular port, like Telnet port (23), can be used and the entire process of establishing secure communication is done using the TELNET protocol, by negotiating supported options of security, between the server and the emulator program.
For establishing an secure session between Tec3270 and the TELNET server, the below steps should be followed:
Choose or identify which one of the two options (SSL or TLS) will be used on establishing the secure session:
  If the first one (SSL) will be used, an session should be defined, as described in Session Configuration, supplying the TELNET server address and port, and selecting the SSL version that should be used (if you don't know the right one, both may be selected).
The other informations are common to cryptographed sessions and the ones that aren't;
  If the second one (TLS) will be used, session definition is done as the same way not secure sessions are, but you should verify how TLS is implemented by TELNET server and identify which option of protocol (TLSV1 or SSLv3) must be used. This information must be supplied on Security Options dialog, that can be activated by choosing 'Security Options' on [Security] item of Tec3270 main menu;
On both cases, above, if TELNET server requires an Personal Digital Certificate, it must be provided. So, you must have it, before connecting.
Also you should define if the TELNET server digital certificate will, or not, be verified (and Security Alert dialog shown, when some problem is detected). The certificate revoked by its issuer (the Certification Authority) may be verified by downloading last CRL(Certificates Revoked List) from issuer's web site. These options may be choosed on Security Options dialog.