SEAL
- 20 Jan 2025
- 2 Minutes to read
- DarkLight
- PDF
SEAL
- Updated on 20 Jan 2025
- 2 Minutes to read
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Use the Communicators > SEAL tab to create a new SEAL communicator.
Existing SEAL communicators are listed in the upper list pane. Select/clear the checkboxes to enable/disable the respective communicators.
Enabling SEAL will only take effect if it is allowed by your license
| Field name | Description |
|---|---|
| IP Address | This is the IP address the OneSpan Authentication Server service uses to handle SEAL requests. |
| Port | This is the port the OneSpan Authentication Server service uses to handle SEAL requests. |
| DPX File Upload Location | The location where OneSpan Authentication Server stores copies of uploaded DIGIPASS export file (DPX) data. |
| Require administration client component registration | Select this checkbox to use strict client component verification for administrative SEAL logon requests. If this option is enabled, there must be an Administration Program client component record for every location at which either a Tcl Command-Line Administration tool instance runs or Audit Viewer sets up a live connection to OneSpan Authentication Server. |
If you want to secure the connection with SSL, select Enable SSL and enter the necessary details. Note that SSL will also need to be configured at the OneSpan Authentication Server end.
| Field name | Description |
|---|---|
| SSL Cipher Suite Security Level | OneSpan Authentication Server supports SSL cipher suites defined under the labels Very High, High, Medium, and Low. For more information, refer to the OneSpan Authentication Server Administrator Guide, Section "SSL cipher suites". |
| Server Certificate | |
| Certificate File | Browse to the location of the SSL server certificate. This file is used by the server to secure the connection. |
| Password | The corresponding password for the certificate file. |
| Client Certificate Verification | |
| CA Certificate File | Optional. The certificate file used to allow clients to connect via SSL. Certification authority (CA) files should be located on the same host as OneSpan Authentication Server. If your CA file is located on a network share, you need to copy the file locally before you browse to it and select it. |
| Require Client Certificate | If you do not require an SSL client certificate, select Never from this list. If you choose any setting other than Never, you will be required to set a CA certificate file. |
| Re-Verify on Re-Negotiation | Select this checkbox to perform the SSL handshake each time you reconnect. If you reconnect each time you send a message you should leave this box unchecked as it will slow performance. |
| Automatically trust certificates | If this checkbox is not selected, the client certificates will be verified that they match the CA certificate stored in the certificate store/trust store before proceeding with every connection. Select this checkbox to skip that certificate verification and automatically accept and trust any certificate that is sent by the client. This option makes connections potentially insecure. We highly recommend that you do not enable this option. |
Was this article helpful?