Reference Guide
Parameter Description
SecurityMode — Specifies the security level for the file server during client
verification of the server certificate. This option is only valid when connecting to an
https file server.
When configuring the https file server, the Username and Password options of the
FileServer parameter can be omitted. Use the following guidelines:
• Set SecurityMode=Full to have the client verify the server certificate in highest
security mode; if any error occurs during verification, the client will not connect
to the server and a pop-up message is displayed.
• Set SecurityMode=Warning to have the client provide a warning when the client
cannot verify the server certificate, but still allow the user to select to continue
client connection to the server.
• Set SecurityMode=Low to indicate that the client allows connection without
any certificate verification.
• Set SecurityMode=Default to indicate that the client follows SecurityPolicy
settings to check certificate.
• Default value of the setting is Default. If the settings are factory default or if you
are upgrading to ThinOS 8.3 for the first time, the value is temporarily set to
None. After loading any INI, it goes to default.
• If the security mode value in WNOS.INI is not the same as the one saved in
Client NVRAM, client shows a reboot dialog box.
NOTE: Security process includes:
1. Verification that certificate has a valid date
2. Verification that Issuer is valid and correct
3. Certificate verification passes
4. CN and SAN on the certificate matches the DNS naming
For Example: FileServer=https://10.151.122.66:444 SecurityMode=warning.
Username-Enc specifies the AES encrypted username of the file server.
Password-Enc specifies the AES encrypted password of the file server.
Use Windows Password_Gen tool to generate the encrypted string.
FormURL=URL to a file
Specifies the URL to the name of a bitmap file (.ico, .bmp, .jpg, or .gif), to be
displayed in the sign-on window, residing under the thin client home directory. The
length of the path, including the home directory and the file, is limited to 128
characters. If auto dial-up is enabled, this statement is invalid.
HealthCastServer=vip list
[LogLevel={0, 1, 2 ,3}]
[SecurityMode={default, full, warning, low}]
[ClientCertificate=certificate file name]
Specifies a list of VIP addresses with optional TCP port number of HealthCast
servers.
LogLevel—The option LogLevel is for debug purpose; 0 means no log.
SecurityMode —Specifies the SSL certification validation policy. If set to default,
it will apply SecurityPolicy setting. If set to full, the SSL connection needs to verify
server certificate. If it is untrusted, then drop the connection. If set to warning, the
SSL connection needs to verify server certificate. If it is untrusted, you may still
continue or drop the connection. If set to low, the server certificate will not be
checked. The value will be persistent, and the default value of the setting is default.
ClientCertificate —The option specifies the client certificate file name during SSL
connection between Healthcast server and client.
INACTIVE=minutes
[NoSessionTimer=minutes]
[LockTimer=seconds]
Default is 0. There is no Idle timeout. The range is 0 minutes to 480 minutes.If the
value given is bigger than 480, 480 is set instead. If the value given is smaller than
0, 0 is set instead.
When the system idle is time out in the configured minutes, the system will
automatically sign off, reboot or shutdown which are based on the setting of
AutoSignoff.
24 Parameters for wnos INI files only