TCP/IP Implementation and Operations Guide
Using TCP/IP Options

Enabling and Disabling TLS 1.0 Chained Certificates

Use the TCPIP OPTION command to enable or disable TLS 1.0 chained certificates.

Servers and client systems are required to use X.509 certificate chains over TLS 1.2 secure connections. These certificate chains are also supported over TLS 1.0 connections; however, when connecting to legacy systems, sending the entire chain of certificates over TLS 1.0 can cause the remote peer to reject the certificate chain. The TLS10CERTCHAIN system-level TCP/IP option enables the processing of chained certificates over TLS 1.0.

Note:

Use the NW TCPIP STATUS SSL inquiry to ensure that SSL encryption is enabled and to view the list of supported SSL versions and ciphers.

To enable TLS 1.0 chained certificates, enter the following:

NW TCPIP OPT + TLS10CERTCHAIN

To disable TLS 1.0 chained certificates, enter the following:

NW TCPIP OPT – TLS10CERTCHAIN

The default state is disabled.

Prev	Up	Next
Enabling and Disabling SSL Version TLS 1.0	Home	Enabling and Disabling the SHA-1 Hash Algorithm

TCP/IP Implementation and Operations GuideUsing TCP/IP Options

Enabling and Disabling TLS 1.0 Chained Certificates

TCP/IP Implementation and Operations Guide
Using TCP/IP Options