TLS Hello Indication

TLS initialization message. Sent only within an initialize element.

AttributeAlways present?Purpose
supportedyestrue or false
provideryesName of TLS provider library
optionsnoList of supported options

Example:

<tls-hello supported="true" provider="OpenSSL 1.0.1 14 Mar 2012" options="certFileType chainFile keyFile keyFileType keyPasswd acceptHostname verifyHostCert tls">

TLS Options

The Toggle() action allows the TLS configuration to be changed. The tls-hello indication shows whether TLS is supported, and lists the TLS-related option keywords supported by this implementation (not all implementations support all options). Possible values include:

Option NameMeaning
acceptHostnameHostname to check against host certificate name
caDirDirectory holding CA root certificates
caFileFile holding CA root certificates
certFileFile holding client certificate to present
certFileTypeType of certFile (pem or asn1)
clientCertName of client certificate to present
chainFileFile holding chain of CA certificates
keyFileFile holding key for certFile
keyFileTypeType of keyFile (pem or asn1)
keyPasswdPassword for client certificate (file:xxx or string:xxx)
tlstrue to accept the TELNET STARTTLS option (default), false to reject it
verifyHostCerttrue to verify the host certificate (default), false to accept any certificate

b3270: Protocol - Operations - Indications