Administrator Guide
Parameter Description
The option SecurityMode species these security modes. It is only valid
when connected to https leserver, the details of which are shown below:
• Client checks the server certicate in the following phases except in
Low mode:
– Certicate has to have a Valid Date.
– Issuer is valid and correct.
– Certicate verication should pass.
– CN and SAN on cert match DNS naming.
• Set SecurityMode=Full to indicate that the client veries the server’s
certicate in highest security mode. If any error is detected, client
prompts a pop-up box.
• Set SecurityMode=Warning to indicate that the client allows
continuation if any error is detected. follows SecurityPolicy setting to
check the certicate.
• Set SecurityMode=Low to indicate that the client allows connection
without any certicate verication.
• Set SecurityMode=Default to indicate that the client follows
SecurityPolicy setting to check certicate.
• Default value of the setting is Default. If the settings are factory
default or if you are upgrading to ThinOS Lite 2.3 for the rst time, the
value is temporarily set to None. After loading any INI, it goes to
default.
• If the security mode value in xen.INI is not the same as the one saved
in Client NVRAM, client shows a reboot dialog box.
Example: FileServer=https://10.151.122.66:444 SecurityMode=warning
NOTE
:
• The sub parameter SecurityMode of FileServer is only validated
when the FileServer is set to https:// as its prex.
• When you congure the https le server, the sub parameters
Username and Password of FileServer can be omitted.
The option Username-Enc species AES encrypted username of the le
server.
The option Password-Enc species AES encrypted password of the le
server.
Hosts=<hosts
le name>
Species the le name of the hosts. This le is a simple text le that
associates IP addresses with hostnames, one line per IP address. The
length of the le name is limited to 63 characters.
The le must be placed in le server and can be cached if set
MirrorFileServer=yes in the xen.ini. When resolving a host name, the
system will initially look in the le and if not found, will search DNS, WINS,
and so on. The following is an example of format in the hosts le:
10.151.122.1 gateway.ctx.com
10.151.122.123 myvm.ctx.com
IEEE8021X={yes, no}
network={wired, wireless}
[Prole=ssid]
[access={WPA-PSK, WPA2-PSK, WPA-ENT, WPA2-ENT}]
If IEEE8021X is set to no, then all parameters following it is ignored.
If network is not congured, the conguration is ignored.
The key left of equal is case sensitive, and the value right of equal case is
not case sensitive except for credential information; for example
username, password or certicate lename.
192 Creating and Using xen.ini Files