P2PSslSettings
Defines server and client authentication options when using HTTPS for P2P content transfer (i.e. P2PEnabled 0x60 option is set).
Registry value | Default value | Notes | Installer property |
---|---|---|---|
P2PSslSettings | 0 | The default value (0) configures Nomad to use a self-signed certificate for server authentication and disables certificate-based client authentication. P2PSslSettings is a numeric value where, when represented in binary, each bit represents a configurable option as defined in the table below. You can combine these options to derive the required value, for example setting P2PSslSettings to 3 (0x1 + 0x2) configures Nomad to use a PKI certificate for server authentication and also enables certificate-based authentication. These options are only applicable if the HTTPS protocol has been enabled in the P2PEnabled setting. If you are using PKI certificates you must deploy the certificates to all clients before enabling this option. Refer to Peer copy over HTTP or HTTPS for further details on using HTTPS and associated authentication. |
Bit | Hex | Decimal | Notes |
---|---|---|---|
0 | 0x0001 | 1 | If not set (0), use self-signed certificate for server (Master) authentication If set (1), use PKI certificate for server (Master) authentication |
1 | 0x0002 | 2 | Enables certificate-based client authentication (Requires a PKI client authentication certificate) NoteIf this option is enabled and the Configuration Manager client is using self-signed client authentication certificates (or Nomad is being used outside of CM), you should specify CertIssuer to ensure Nomad uses the intended certificate. |