Line 145: |
Line 145: |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>: TLS cipher</td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>: TLS cipher</td> |
| <td>All {{!}} <span style="color: lime;">DHE+RSA</span> {{!}} <span style="color: lime;">Custom</span>; default: <b>All</b></td> | | <td>All {{!}} <span style="color: lime;">DHE+RSA</span> {{!}} <span style="color: lime;">Custom</span>; default: <b>All</b></td> |
| <td>Packet encryption algorithm cipher.</td> | | <td>Packet encryption algorithm cipher.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span> <span style="color: lime;">: Allowed TLS ciphers</span></td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>:<span style="color: lime;"> Allowed TLS ciphers</span></td> |
| <td>Custom {{!}} TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-SEED-CBC-SHA {{!}} TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-DES-CBC-SHA; default: <b>All</b></td> | | <td>Custom {{!}} TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-SEED-CBC-SHA {{!}} TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-DES-CBC-SHA; default: <b>All</b></td> |
| <td>Specific cyphers to use. Only 6 can be selected at a time.</td> | | <td>Specific cyphers to use. Only 6 can be selected at a time.</td> |
Line 225: |
Line 225: |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>/<span style="color: #0054a6;">Password:</span>Additional HMAC authentication</td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>/<span style="color: #0054a6;">Password:</span>Additional HMAC authentication</td> |
| <td>off {{!}} on; default: <b>off</b></td> | | <td>off {{!}} on; default: <b>off</b></td> |
| <td>An additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks.</td> | | <td>An additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>/<span style="color: #0054a6;">Password:</span> HMAC authentication key</td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>/<span style="color: #0054a6;">Password:</span> HMAC authentication key</td> |
| <td>.key file; default: <b>none</b></td> | | <td>.key file; default: <b>none</b></td> |
| <td>Uploads an HMAC authentication key file.</td> | | <td>Uploads an HMAC authentication key file.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>/<span style="color: #0054a6;">Password:</span> HMAC key direction</td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>/<span style="color: #0054a6;">Password:</span> HMAC key direction</td> |
| <td>0 {{!}} 1 {{!}} none; default: <b>1</b></td> | | <td>0 {{!}} 1 {{!}} none; default: <b>1</b></td> |
| <td>The value of the key direction parameter should be complementary on either side (client and server) of the connection. If one side uses <i>0</i>, the other side should use <i>1</i>, or both sides should omit the parameter altogether.</td> | | <td>The value of the key direction parameter should be complementary on either side (client and server) of the connection. If one side uses <i>0</i>, the other side should use <i>1</i>, or both sides should omit the parameter altogether.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>/<span style="color: #0054a6;">Password:</span> Certificate authority</td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>/<span style="color: #0054a6;">Password:</span> Certificate authority</td> |
| <td>.ca file; default: <b>none</b></td> | | <td>.ca file; default: <b>none</b></td> |
| <td>Certificate authority is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.</td> | | <td>Certificate authority is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS:</span> Client certificate</td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>: Client certificate</td> |
| <td>.crt file; default: <b>none</b></td> | | <td>.crt file; default: <b>none</b></td> |
| <td>Client certificate is a type of digital certificate that is used by client systems to make authenticated requests to a remote server. Client certificates play a key role in many mutual authentication designs, providing strong assurances of a requester's identity.</td> | | <td>Client certificate is a type of digital certificate that is used by client systems to make authenticated requests to a remote server. Client certificates play a key role in many mutual authentication designs, providing strong assurances of a requester's identity.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS:</span> Client key</td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>:Client key</td> |
| <td>.key file; default: <b>none</b></td> | | <td>.key file; default: <b>none</b></td> |
| <td>Authenticates the client to the server and establishes precisely who they are.</td> | | <td>Authenticates the client to the server and establishes precisely who they are.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>/<span style="color: SaddleBrown; " >Config File</span>: Private key decryption password (optional)</td> | + | <td><span style="color: red;">TLS</span>/<span style="color: SaddleBrown;">Config File</span>: Private key decryption password (optional)</td> |
| <td>string; default: <b>none</b></td> | | <td>string; default: <b>none</b></td> |
| <td>A password used to decrypt the server's private key. Use only if server's .key file is encrypted with a password.</td> | | <td>A password used to decrypt the server's private key. Use only if server's .key file is encrypted with a password.</td> |
Line 270: |
Line 270: |
| <li>Some configuration fields become available only when certain other parameters are selected. The names of the parameters are followed by a prefix that specifies the authentication type under which they become visible. Different color codes are used for different prefixes: | | <li>Some configuration fields become available only when certain other parameters are selected. The names of the parameters are followed by a prefix that specifies the authentication type under which they become visible. Different color codes are used for different prefixes: |
| <ul> | | <ul> |
− | <li>Red for <span style="color: red;">Authentication: TLS and TLS/Password</span></li> | + | <li>Red for <span style="color: red;">Authentication: TLS</span></li> |
| + | <li>Red for <span style="color: olive;">Authentication: TLS/Password</span></li> |
| <li>Purple for <span style="color: purple;">Authentication: Static key</span></li> | | <li>Purple for <span style="color: purple;">Authentication: Static key</span></li> |
| <li>Blue for <span style="color: #0054a6;">Authentication: Password</span></li> | | <li>Blue for <span style="color: #0054a6;">Authentication: Password</span></li> |