Release Notes
INI parameters Description
Taskbar—Species the style to be used for taskbar. The option wholescreen places the
taskbar at the bottom of the entire screen. The option mainscreen places the taskbar at
the bottom of the main screen. This is not applicable for Wyse 5070 thin client.
Device=audio
*[jack_popup=[yes, no]
Species the ThinOS local audio setting.
The default value of jack_popup option is yes. If jack_popup=no, it disables jack popup
selection message when headset jack is plugged in.
ScepAutoEnroll={yes, no}
AutoRenew={yes, no}
InstallCACert={yes, no}
[CountryName=country]
[State=state]
[Locality=locality]
[Organization=organization_name]
[OrganizationUnit=organization_unit]
[CommonName=common_name]
[Email=email_address]
KeyUsage=key_usage
KeyLength={1024, 2048, 4096 }
[subAltName=subject_alt_name_list]
RequestURL=scep_request_url
CACertHashType={MD5, SHA1}
CACertHash=CA_HASH_VALUE
[EnrollPwd=enrollment_password]
[EnrollPwdEnc=encrypted_enrollment_pass
word]
[ScepAdminUrl=scep_administrator_page_u
rl]
[ScepUser=scep_enrollment_user]
This option is to allow client automatically get
certicates and renew certicates using
SCEP protocol.
ScepAutoEnroll—Set this keyword to yes to enable client's functionality to automatically
obtain certicate.
Set AutoRenew—Set this keyword to yes to enable certicate auto renew. Client only
tries to renew certicates requested either manually or automatically through SCEP from
this client, and the renewal is performed only after a certicate's 1/2 valid period has
passed.
Set InstallCACert—Set this keyword to yes to install the root CA's certicate as trusted
certicate after successfully getting a client certicate.
CountryName, State, Locality, Organization, OrganizationUnit, CommonName, Email—
These keywords together compose the subject identity of the requested client certicate.
Country Name should be two letters in uppercase, other elds are printable strings with a
length shorter than 64 bytes, and email_address should have a '@' in it. At least one of the
preceding elds must be congured correctly to form the client certicate's subject
identity.
KeyUsage—This option is to specify key usage of the client certicate and should be set
to a digitalSignature, keyEncipherment or both using a ';' concatenating these two as
digitalSignature; keyEncipherment.
KeyLength—This option is used to specify the key length of the client certicate in bits,
must have one of the values in the list.
subAltName—This option is to specify the client certicate's subject alternative names. It
is a sequenced list of name elements, and every element is either a DNS name or an IP
address. Use ';' as delimiter between them.
*RequestURL—This option is to specify the SCEP server's service URL. This eld must
be set correctly. The default protocol for SCEP service is HTTP, and data security is
ensured by SCEP itself. You can also add https:// prex if SCEP service is deployed on
HTTPS in your environment.
*CACertHashType—This hash type is used to verify certicate authority's certicate,
should be set to MD5 or SHA1 or SHA256.
CACertHash—This is the hash value used to verify certicate authority's certicate. Client
does not issue a certicate request to a SCEP server and cannot pass certicate chain
checking through a valid certicate authority.
EnrollPwd or EnrollPwdEnc—These keywords are used to set the enrollment password
from a SCEP administrator.
EnrollPwd is the plain-text enrollment password and EnrollPwdEnc is the encrypted form
of the same enrollment password. Use only one of these two elds to set the used
enrollment password.
As a substitute of using EnrollPwd or EnrollPwdEnc to directly specify an enrollment
password, client allows using a SCEP administrator's credential to automatically get an
enrollment password from a Windows SCEP server. In this case, the ScepUser,
ScepUserDomain, ScepUserPwd (or ScepUserPwdEnc, in encrypted form instead of
ThinOS 8.5_107
47