The default value change of INI parameter
TLSCheckCN impacts Microsoft broker.
SecurityPolicy=Full; TLSCheckCN=yes/no,
In previous release, the default value of
TLSCheckCN is no, that means, the SSL connection verified
the server identity certificates. You can enter either IP address
or FQDN to log in to Microsoft broker.
From ThinOS 8.5.1, the default value of
TLSCheckCN is yes. By default, the server certificate
common name is verified. For instance, if your server identity certificates
use FQDN, then you must enter FQDN of Microsoft broker to log in.
If INI parameter is not set, then by default the server
identity certificates is verified. If you want to log in to broker
using both IP and FQDN, you can set the ini as SecurityPolicy=Full; TLSCheckCN=no.
For the value of head parameter
SecurityPolicy, the Microsoft RDS brokers always work as full security mode in
SSL connection. The security mode is set to full mode during the connection
and it does not change if you set the parameter
SecurityPolicy to any value.