All of the options that appear on the Authentication tab of the Pro tool are described below.
Many websites have secure areas that use BASIC, DIGEST or Windows (NTLM) authentication to protect them. In order to validate pages within these areas, enter the required user name and password here.
When connecting to a server using Windows (NTLM) authentication you may need to supply a domain name. In this case enter the domain name and user name separated by a backslash into the user name field. For example 'MYDOMAIN\myuser'.
Note that although the password is masked with asterisks when you type it in, it will still be stored as plain text if you save your settings when you exit the tool. So you may wish to use the interactive option instead.
In order to access the Internet, either to validate pages or to check for updates to this tool, your organisation may require you to go through a Proxy Server. If you cannot validate any pages on the Internet, or otherwise believe that you use a Proxy then you must complete this section, and you may have to contact your IT provider or internal IT support function to find out what settings to use here.
If you have selected the Use System proxy menu option the tool will try to use the operating system settings to determine which proxy server to use. But if this doesn't work, or if you simply wish to override these settings, you may supply the details here. You must supply the host name or IP address of the proxy server, optionally a port number (defaults to 8080, or 1080 for SOCKS) and whether it uses SOCKS.
Many proxy servers require you to authenticate yourself, so fields are available to enter the required user name and password to save typing them in each time. When connecting to a proxy server using Windows (NTLM) authentication you may need to supply a domain name. In this case enter the domain name and user name separated by a backslash into the user name field. For example 'MYDOMAIN\myuser'.
Note that although the password is masked with asterisks when you type it in, it will still be stored as plain text when you save your settings. So you may wish to use the interactive option instead.
Also currently you can only supply one user name/password combination here, so you may need to use the interactive option if you go through more than one authenticating proxy.
Any proxy authentication details you enter using any method will be cached in memory until the tool is restarted to save you having to enter them more than once.
Rather than entering authentication details elsewhere on this tab, you can choose to be prompted for them each time they are needed using this option. In this case a dialog box will be displayed with the page you are trying to access and the 'realm' that it resides in, prompting you to enter a valid user/password combination.
Any proxy authentication details you enter will be cached in memory until the tool is restarted to save you having to enter them more than once.
Some websites (typically on intranets) require that the browser is authenticated with a digital certificate. If this is the case for your website then complete this section so that TV will be authenticated and able to validate the website.
Enter the path of your certificate or 'Browse' to it and then enter the password used to protect it. Note that this certificate must be in standard #pkcs12 format to be accepted, so you may have to convert it first.
If the Certificate Authority (CA) used to sign your Client certificate is a third party such as Verisign, then there should be nothing else to do. However, normally organisations use their own CA and so you need to tell TV about this using a 'Trust Store' by filling in the additional Trust Store and Password fields.
A Trust Store is a standard Java Key Store (.jks file) which can be created and populated with your CA's public certificate to create a Trust Store. Here is an example of how to do this using the Java 'keytool' command found in the standard Java installation folder to create a store called 'store.jks' with a password of 'pwd':
keytool -importcert -keystore store.jks -alias CA -file ca.crt -v -noprompt -storepass pwd
If there is a certificate chain then repeat the above for all of the internal certificates in the chain, using a unique alias for each one
If your website's SSL certificate is self-signed you will also need to add the SSL certificate to the Trust Store as well:
keytool -importcert -keystore store.jks -alias SSL -file ssl-cert.pem -v -noprompt -storepass pwd