Menu path: Setup > Sessions > Browser > Browser Global > Encryption

In this area, you can define the settings for encryption methods and certificate validation.

  • Minimum required encryption protocol: This protocol will be used to establish a secure connection if no higher protocol is available. Higher protocols are preferred.
  • Maximum supported encryption protocol: This protocol is requested when negotiating the connection. If this protocol is not available, the next lowest protocol will be requested.
  • If a website requires a certificate: Specifies how the browser behaves if a website requests a security certificate.
    Possible values:
    • Select one automatically: The browser selects a certificate automatically.
    • Ask me every time: A dialog window requesting the certificate will be displayed.
  • View Certificates: If you click on this button, the certificates saved in the browser's Certificate Manager will be displayed.
  • Certificate Validation: Specifies the validation of certificates using OCSP (Online Certificate Status Protocol).
    • Do not use OCSP for certificate validation: The certificate will not be validated using OCSP.
    • Validate a certificate if it specifies an OCSP server: The certificate will be validated with the OCSP server specified in the certificate. If no OCSP server is specified, no certificate validation will take place.
    • Validate all certificates using the following OCSP server: All certificates will be validated with the OCSP server specified under the Service URL, irrespective of which OCSP server is specified in the certificate.
  • Response signer: Signer of the response from the OCSP server
  • Service URL: URL of the OCSP server
  • When an OCSP server connection fails, treat the certificate as invalid: If, owing to a failed connection to the OCSP server, no validation can take place, the certificate will be treated as invalid. In this case, the browser will show the This connection is not trusted error message.
  • Use "Gemalto/SafeNet eToken" Security Device: If this option is enabled, Gemalto/SafeNet eToken will be used for encryption.
  • Use "Gemalto" Security Device: If this option is enabled, Gemalto will be used for encryption.
  • Use "IDProtect" Security Device: If this option is enabled, Athena IPProtect will be used for encryption.
  • Use "SafeSign" Security Device: If this option is enabled, SafeSign will be used for encryption.
  • Use "SecMaker" Security Device: If this option is enabled, SecMaker will be used for encryption.
  • Use TCOS 3 NetKey Security Device: If this option is enabled, TCOS 3 NewKey will be used for encryption.
  • Use TCOS 3 SigG Security Device: If this option is enabled, TCOS 3 SigG will be used for encryption.
  • Use TCOS 3 Elster Security Device: If this option is enabled, TCOS 3 Elster will be used for encryption.
  • Use TCOS 3 SD Security Device: If this option is enabled, TCOS 3 SD will be used for encryption.