previous
next
Use this tab to determine how Transfer Site users authenticate when they connect using the Reflection Transfer Client.
The option you select on this page applies to all Reflection Transfer Client users.
The option you select on this page does not affect connections from alternate SFTP clients. Users who connect directly to the Reflection Secure Shell Proxy will continue to be able to use password authentication by default. To restrict authentication options for these users, use the authentication settings available from the Reflection Secure Shell Proxy console.
Before you can use X.509 certificate authentication, you must have at least one configured PKI Services Manager running, and you need to add it to the Gateway Administrator's list. Reflection PKI Services Manager provides certificate verification services, and is available as a separate download from the Reflection for Secure IT Gateway download page at no additional charge. For information about downloading PKI Services Manager and configuring it for use with Reflection Gateway, see Set Up PKI Services Manager.
Changes made here require a restart of the Reflection Transfer Server. By default, this restart will occur within one minute after you save your change. (This update interval is configurable in the Reflection Transfer Server properties file using the servletengine.ssl.updateInterval setting.)