P2PSslSettings

Defines server and client authentication options when using HTTPS for P2P content transfer (i.e. P2PEnabled 0x60 option is set).

Registry value

Default value

Notes

Installer property

P2PSslSettings

0

The default value (0) configures Content Distribution to use a self-signed certificate for server authentication and disables certificate-based client authentication.

P2PSslSettings is a numeric value where, when represented in binary, each bit represents a configurable option as defined in the table below. You can combine these options to derive the required value, for example setting P2PSslSettings to 3 (0x1 + 0x2) configures Content Distribution to use a PKI certificate for server authentication and also enables certificate-based authentication.

These options are only applicable if the HTTPS protocol has been enabled in the P2PEnabled setting.

If you are using PKI certificates you must deploy the certificates to all clients before enabling this option. Refer to Peer copy over HTTP or HTTPS for further details on using HTTPS and associated authentication.

MODULE.NOMAD.P2PSSLSETTINGS

 

Bit

Hex

Decimal

Notes

0

0x0001

1

If not set (0), use self-signed certificate for server (Master) authentication.

If set (1), use PKI certificate for server (Master) authentication.

1

0x0002

2

Enables certificate-based client authentication (Requires a PKI client authentication certificate).

If this option is enabled and the Configuration Manager client is using self-signed client authentication certificates (or Content Distribution is being used outside of Configuration Manager), you should specify CertIssuer to ensure Content Distribution uses the intended certificate.