Security

Overview

JET 3270 supports secure, encrypted connections. Your Telnet 3270 Server must support SSL 3 and/or TLS 1.0 to enable JET 3270 to start a secure connection with it.

TLS 1.0 is based on, and is very similar to SSL 3. Both provide a high level of security by exchanging a set of session keys, which JET 3270 generates, and encrypts using the server's public key. Only the server knows the private key needed to decrypt the set of keys. In addition, JET 3270 verifies that the server is who it says it is by checking that its certificate has been signed by a trusted Certificate Authority, and that the host address in the certificate is that same as the host to which JET 3270 is connected.

After the server and JET 3270 have agreed on a set of session keys, all information flowing between them is encrypted, and protected from modification.

Limitations under Java Plug-in 1.4 or later

Under Java Plug-in 1.4 or later, JET 3270 will warn the user if the server sends an untrusted or expired certificate and continue the connection if the user wishes. However, JET 3270 does not remember the user's preference. So the warning will appear everytime a connection is made to that server.

Details

Connection Requirements

Label: Start a Secure Connection
Values: yes or no
Default value: no
Description
Whether JET 3270 will negotiate a secure connection using SSL or TLS protocols with the host.

Versions Supported

Label: SSL 3.0
Value type: yes or no
Default value: yes
Description
For Internet Explorer and Java Plug-in 1.4 or later users, whether JET 3270 will provide support for SSL 3 protocols.

Label: TLS 1.0
Value type: yes or no
Default value: no
Description
For Internet Explorer and Java Plug-in 1.4 or later users, whether JET 3270 will provide support SSL 3 do not correctly handle communications with a TLS-capable client. Therefore you should use care when enabling this setting.