SSL - Secure Sockets Layer

Pragma TelnetServer supports Secure Sockets Layer (SSL) connections

Pragma TelnetServer (Build 9 & up) supports the Secure Sockets Layer (SSL) protocol to ensure data security. When an SSL-capable telnet client connects to Pragma TelnetServer, the data exchanged between the client and the server is no longer sent in clear text; it is encrypted using the SSL protocol. Both SSL-capable and regular telnet clients can connect to Pragma TelnetServer at the same time, and the sessions will be handled accordingly.


*** RELATED ***

SSL Certificate Thumbprint:

Specify the certificate thumbprint if the default thumbprint is not being used.

To locate the default certificate thumbprint, do the following:

1. Open a DOS command prompt and type mmc to launch the Microsoft Management Console (MMC).
2. From the File menu, select Add/Remove Snap-in.
3. Click the Add button and then select "Certificates" from the Add Standalone Snap-in dialog.
4. Select "Computer" for the account option and click Next.
5. Once the Certificates snap-in has been added, expand the tree and select the Personal folder. Expand the Personal folder and select Certificates. In the right pane of the dialog, double-click the listed certificate (under the "Issued To" column), which opens a tabbed dialog. Click the Details tab and scroll down to locate the certificate thumbprint.

NOTE: Steps 1-4 are common to all Windows operating systems. Step 5 is specific to Windows 2003.
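The same lookup can be scripted. The PowerShell below is an added example, not part of the original documentation; it assumes PowerShell 3.0 or later, and the two function names are hypothetical helpers. It lists the certificates in the Computer account's Personal folder with their thumbprints, flags whether each carries the "Server Authentication" purpose (OID 1.3.6.1.5.5.7.3.1), and matches a thumbprint pasted from the MMC dialog.

```powershell
# Added example. Function names are hypothetical helpers, not part of any product.

function Get-ServerAuthCertificate {
    param(
        [string]$StorePath     = 'Cert:\LocalMachine\My',   # Computer account, Personal folder
        [string]$ServerAuthOid = '1.3.6.1.5.5.7.3.1'        # "Server Authentication" purpose
    )
    $ekuType = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    foreach ($cert in Get-ChildItem -Path $StorePath) {
        # Gather the purpose OIDs from the Enhanced Key Usage extension, if there is one.
        $ekuOids = @($cert.Extensions |
            Where-Object { $_ -is $ekuType } |
            ForEach-Object { $_.EnhancedKeyUsages } |
            ForEach-Object { $_.Value })
        [pscustomobject]@{
            Subject       = $cert.Subject
            Thumbprint    = $cert.Thumbprint
            NotAfter      = $cert.NotAfter
            Expired       = $cert.NotAfter -lt (Get-Date)
            HasPrivateKey = $cert.HasPrivateKey
            ServerAuthEku = $ekuOids -contains $ServerAuthOid
            SelfSigned    = $cert.Subject -eq $cert.Issuer
        }
    }
}

function ConvertTo-NormalizedThumbprint {
    param([Parameter(Mandatory = $true)][string]$Text)
    # Keep hex digits only: removes the spaces shown in the Details tab and any
    # non-printing characters that come along when the value is copied from it.
    ($Text -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
}

# List every certificate in the store with the properties that matter for SSL.
Get-ServerAuthCertificate | Format-List

# Match a thumbprint pasted from the MMC dialog against the store.
# The value below is a constructed placeholder, not a real certificate.
$pasted = '00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 11 22 33'
$wanted = ConvertTo-NormalizedThumbprint -Text $pasted
Get-ServerAuthCertificate | Where-Object { $_.Thumbprint -eq $wanted }
```

A certificate usable for the server shows ServerAuthEku and HasPrivateKey as True and Expired as False.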

Here are two screen shots of the Microsoft Management Console (MMC):

 

Please note that the certificates need to be in the 'Personal' container. If the certificate is obtained through a certificate service, the Certification Authority certificate should be placed in the 'Trusted Root Certification Authorities' container. This won't be necessary if the certificate is obtained from an established certificate authority such as Verisign or Thawte, or if the certificate is obtained from the Windows domain certificate service (the CA certificates will already be loaded). CA certificates also aren't necessary if the certificate is self-signed with a tool like makecert.

There are a couple of ways to get certificates. They can come from a certificate service or be self-signed. Certificates can be obtained from Verisign for a fee by going to their website (www.verisign.com). Another option is to install a certificate server in your domain. Windows Server installation disks contain the option to install a certificate server (the process differs between versions of Windows Server; see the server install documentation). If a domain certificate server is installed, machines will automatically be loaded with the appropriate CA and host certificates. Certificates can also be requested by using the Certificates MMC snap-in context menus or via the certificate service's web interface.

Here is a web link for using certificate services on Windows 2000: http://technet.microsoft.com/en-us/library/bb727098.aspx

For self-signed certificates, you can use one of the Microsoft tools to create a certificate. For SSL, the intended purpose needs to include "Server Authentication". Different tools activate this property in different ways. For makecert, the parameter "-eku 1.3.6.1.5.5.7.3.1" needs to be included (the numbered string is the numerical representation of the "Server Authentication" purpose). For my machine, I used:

makecert -r -pe -n CN="machine_name" -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12

Here is a writeup from the web: http://tcle.wordpress.com/2008/05/20/creating-a-self-signed-ssl-certificate-without-a-mess-of-makecertexe-using-ssl-diagnostics-tool/