Resolution:
· Do Not Verify Hostname

Specifies whether the client should verify the name in the CN field of the server’s certificate.

When cleared, the client should verify the name of the connected host or the name specified in the Expected Hostname field against the value in the server’s certificate. If the names do not match, the connection is rejected.

When selected, the client establishes secure communication with the server, but does not verify the server’s name.

· Expected server name to have in the CN field of the certificate

The name the client expects in the CN field of the server’s certificate. If this parameter is not set, the expected name is the hostname of the server. The value of this parameter is used when “Do Not Verify Hostname” parameter is cleared. 

· Cipher suite Names used by the server

Specifies the cipher suites that the client can use.  Supply a colon-separated list of cipher names. Names may be either OpenSSL names, or longer descriptive names.

More infomation is available here:  https://docs.tibco.com/pub/ems/8.2.2/doc/pdf/TIB_ems_8.2_users_guide.pdf (Chapter 20 Using the SSL Protocol, section: Specifying Cipher Suites)

· Do Not Verify Host

Specifies whether the client should verify the server’s certificate.

When cleared, the client should verify the server’s certificate. This is recommended.

When selected, the client establishes secure communication with the server, but does not verify the server’s identity 

· SSL Server Trusted certificate

List of CA certificates to trust as issuers of server certificates. Supply only CA root certificates. 

· SSL digital certificate

The client’s digital certificate. Supply a certificate in either PEM or PKCS#12 format.

You must also supply a private key file in the Private Key field if you supply a PEM-formatted certificate here. 

· SSL Server private key

 The name and location of the client’s private key file. This key must be in PKCS#8 format. 

· SSL Server private key password

 Password for client’s private key.