Disabling use of the Windows certificate store enables you to have greater control over which certificates are used for authentication. InfoConnect applications can be configured to authenticate using only those certificates located in the Reflection store or using both the Windows and the Reflection store. Disabling this option can make connections vulnerable to man-in-the-middle attacks, which could compromise the security of the connection.Ĭonsider disabling the use of the Windows certificate store for InfoConnect connections. This setting specifies whether certificates presented for host authentication are checked to determine if they are valid and signed by a trusted CA. To prevent this security risk, make sure the Retrieve and validate certificate chain setting in the SSL/TLS Security Properties Dialog Box is enabled.
Micro Focus Development teams use a Secure Development Lifecycle process, where ongoing training and product review ensures that our software does not contain security vulnerabilities and that all new features are developed with security in mind.Ĭonfigure InfoConnect Desktop to prevent security risks associated with certificates.ĭon’t’ allow host authentication with invalidated certificates. They evaluate all security alerts against the currently released products and incorporate updates in the next versions. The Host Connectivity team responsible for the development of new versions is a dedicated staff of senior engineers who have a strong focus on making the product more secure. Micro Focus strives to make each new version of InfoConnect Desktop more secure than the last. Staying current with major new releases, service packs and updates (when available) ensures you have deployed the latest security patches and fixes to your end-users. Stay current with versioning in InfoConnect Desktop InfoConnect Desktop 17.0 contains enhanced capabilities that allow you to disable cipher suites which are less secure, and also to enable ciphers used in your environment that you consider to be more secure. Use the strongest encryption ciphers available in your environment If your environment supports TLS 1.3, consider using this version. InfoConnect Desktop versions 17.0 and higher support TLS 1.3 for IBM, VT, Unisys, T27, and FTP sessions. Use the highest level of TLS for secure connections Micro Focus regularly publishes security alerts in knowledge base articles. Monitor InfoConnect Desktop security alerts