Hardware manual
80-001113 SysLINK Administrator’s Guide Page 28
SSL Options
When SSL is configured on an outgoing connection, you must also specify the SSL
connection parameters for each SSL peer. An SSL peer is the remote system that will be on
the other end of the secure SSL connection.
Type of Peer
For an outgoing connection the SSL Peer is normally an SSL Server. However, either side
can be a server or client. This option decides which is which during the SSL handshake.
Peer Identity Verification
This field can be used to enable verification of the remote peer's identity. Peer identity
verification must be enabled in order to guarantee that your secure data is not being
intercepted by an unwanted third-party. If you have specified the fully qualified domain
name (FQDN) in the peer address and this matches the SSL peer’s certificate, then click the
‘Certificate must match peer “”’ button. If you are using an IP address for the peer address,
check the ‘Certificate must belong to’ button and enter the FQDN. Or you may select ‘Don’t
verify peer’s identity’.
Caution: choosing ‘Don’t verify peer’s identity’ opens the possibility for an unwanted third-
party to masquerade as a given peer on the Internet and intercept transactions. Normally
you should not choose this option.
SSL verifies peer identity by using signed certificates. To verify a remote peer's identity:
1) The remote peer must provide a valid certificate.
The remote peer must be configured to provide a valid certificate that proves its
identity.
2) The certificate must be signed by a trusted certification authority (CA).