Discuss this help topic in BizCrypto Forum

ExtendedConfiguration (AS2 Adapter)


Extended component configuration details.

Display Name

Extended Configuration

Dynamic Name

string BizCrypto.BizTalk.Adapters.AS2.ExtendedConfiguration

Data Type

String

Default Value

""

Description

This property allows flexible low-level tune-up of the adapter components. Additional options can be set by specifying them in a character string expression assigned to this property. The format of the expression is a sequence of name-value pairs separated by commas or semicolons. For example:
TrustedCertificates="Certs.p7b", ForceCompleteChainValidation="true", HTTPProxyPort=3128.

The following parameters and their values are allowed in the AS2 adapter:

EnableCS = "all" / "compat" / "old" / <number>
This property defines which cipher suites are allowed to be used during SSL/TLS session. Option "all" allows all cipher suites to be used including NULL (no encryption, unsecure) cipher suite. Option "compat" allows only the following suites:
      SB_SUITE_RSA_RC4_SHA,
      SB_SUITE_RSA_3DES_SHA,
      SB_SUITE_RSA_AES128_SHA,
      SB_SUITE_DHE_RSA_3DES_SHA,
      SB_SUITE_DHE_RSA_AES128_SHA,
      SB_SUITE_ECDH_ECDSA_AES128_SHA,
      SB_SUITE_ECDHE_ECDSA_AES128_SHA,
      SB_SUITE_ECDHE_RSA_AES128_SHA,
      SB_SUITE_ECDH_RSA_AES128_SHA,
      SB_SUITE_RSA_AES256_SHA256,
      SB_SUITE_DHE_RSA_AES128_SHA256,
      SB_SUITE_RSA_AES128_GCM_SHA256,
      SB_SUITE_DHE_RSA_AES128_GCM_SHA256,
      SB_SUITE_ECDHE_ECDSA_AES128_SHA256,
      SB_SUITE_ECDH_ECDSA_AES128_SHA256,
      SB_SUITE_ECDHE_RSA_AES128_SHA256.
    Option "old" allows only the following suites:
      SB_SUITE_RSA_RC4_MD5,
      SB_SUITE_RSA_RC4_SHA,
      SB_SUITE_RSA_3DES_SHA,
      SB_SUITE_DHE_RSA_3DES_SHA,
      SB_SUITE_RSA_DES_SHA.
    To enable a certain cipher suite, specify its <number>.

DisableCS = "all" / <number>
This property defines which cipher suites should be disabled during SSL/TLS session. Option "all" disables all possible cipher suites. To disable a certain cipher suite, specifty its <number>.

PrioritizeCS = <number>
This property increments priority values for particular algorithms, which makes them more preferred. To increase a priority of a certain algorithm specify its <number> to this property.

EnableCA = "all" / <number>
This property specifies the compression algorithms, which were accepted during SSL handshake. For now only two algorithms are defined and used: NONE (no compression) and ZLIB. Option "all" allows both algorithms to be used. To enable a certain algorithm specify its <number> to this property.

DisableCA = "all" / <number>
This property disables the compression algorithm used for SSL data transfer. Option "all" disables both algorithms. To disable a certain algorithm specify its <number> to this property.

RAPreventionMode = "strict" / "compatible" / "auto"
This property defines possible renegotiation attack prevention modes. Option "strict" enables renegotiation attack prevention. Option "compatible" disables renegotiation indication extension by allowing compatibility with 2 and 3 SSL protocol versions. Option "auto" automatically chooses whether renegotiation attack prevention should be enabled or disabled.

ServerName = "<name>" / ""
This property enables server name indication extension. This extension is required by some servers (including Google AppEngine and Google services) to provide the correct X.509 certificate for the TLS handshake. The extension is enabled by specifying the server "<name>" to this property. To disable the extension just set this property to an empty string.

SetUseSAExtension = "yes" or "true" / "no" or "false"
This property enables usage of the supported signature algorithms. The values of the algorithms are described in RFC 5246.

Possible Cipher Suites

Possible SSL Compression Algorithms

Possible Renegotiation Attack Prevention Modes

See also:     PromoteSSOProperties     SSOAffiliateApplication    

Discuss this help topic in BizCrypto Forum