P2PSslSettings
Defines server and client authentication options when using HTTPS for P2P content transfer (i.e. P2PEnabled 0x60 option is set).
Registry value |
Default value |
Notes |
Installer property |
---|---|---|---|
P2PSslSettings |
0 |
The default value (0) configures Content Distribution to use a self-signed certificate for server authentication and disables certificate-based client authentication. P2PSslSettings is a numeric value where, when represented in binary, each bit represents a configurable option as defined in the table below. You can combine these options to derive the required value, for example setting P2PSslSettings to 3 (0x1 + 0x2) configures Content Distribution to use a PKI certificate for server authentication and also enables certificate-based authentication. These options are only applicable if the HTTPS protocol has been enabled in the P2PEnabled setting. If you are using PKI certificates you must deploy the certificates to all clients before enabling this option. Refer to Peer copy over HTTP or HTTPS for further details on using HTTPS and associated authentication. |
Bit |
Hex |
Decimal |
Notes |
---|---|---|---|
0 |
0x0001 |
1 |
If not set (0), use self-signed certificate for server (Master) authentication. If set (1), use PKI certificate for server (Master) authentication. |
1 |
0x0002 |
2 |
Enables certificate-based client authentication (Requires a PKI client authentication certificate). If this option is enabled and the Configuration Manager client is using self-signed client authentication certificates (or Content Distribution is being used outside of Configuration Manager), you should specify CertIssuer to ensure Content Distribution uses the intended certificate. |