FDMSRcRetail Configuration

This setting indicates the interval of time, in seconds, a client will wait for the response for any given request. Normally this value is set to a value 5 seconds less than the Timeout value to allow for a response to be received from Datawire. It may be changed independently by setting this configuration setting AFTER setting the Timeout property. Note that too small a value will cause Datawire to reject a transaction immediately.

This field contains a three digit number assigned by the signing member or processor to identify the merchant's authorization currency. For US Dollars, use "840".

If set to True the Status event will fire with the raw request and response information. This is helpful for debugging.

This setting specifies whether partial authorizations are supported. Partial authorization support is generally required for all merchants in card-present environments. The merchant may be subject to fees, interchange downgrades, or both if this is not supported in a retail environment. Support for partial authorizations is optional in ECommerce transactions but is highly recommended. The default value is True.

This setting may be set to specify and alternative merchant address to be used in lieu of the one on file with FDMS. This value may be up to 25 characters in length.

This setting may be set to specify and alternative merchant city to be used in lieu of the one on file with FDMS. This value may be up to 20 characters in length.

This setting may be set to specify and alternative merchant country code to be used in lieu of the one on file with FDMS. This value is the ISO 3166 three digit numeric identifier.

This setting may be set to specify and alternative merchant name to be used in lieu of the one on file with FDMS. This value may be up to 30 characters in length.

This setting may be set to specify and alternative merchant state to be used in lieu of the one on file with FDMS. This value is the two characters state abbreviation.

This setting may be set to specify and alternative merchant zip code to be used in lieu of the one on file with FDMS. This value may be up to 9 characters in length.

This setting may be queried after a transaction to determine the source of the decision. This is only applicable to Visa transactions. Possible values are:

This setting specifies the type of bill payment being made. This is applicable to ECommerce, MOTO, and Retail transactions. Possible values are:

This setting optionally specifies the method used to input the card number or track data. If not specified (default) the class will automatically determine the correct value based on CardEntryDataSource. This should only be set if there is a need to override the automatically determined value. Possible values are:

By default the class will automatically determine the card type and submit the card type information in the transaction request. This setting may be set to override the automatically determined value and manually specify the type of card.

This should not be set unless there is a specific reason to do so.

Possible values are:

This setting is required for contactless MasterCard transactions when POSConditionCode is set to 07, 82, or 91. Possible values are:

This setting may be set to specify the local datetime of the transaction. By default the class will automatically calculate this value from the local system time. If set, this setting overrides the value calculated by the class. The format is "yyyyMMddHHmmss";

This setting may be set to specify the UTC datetime of the transaction. By default the class will automatically calculate this value from the local system time. If set, this setting overrides the value calculated by the class. The format is "yyyyMMddHHmmss";

This setting optionally specifies the industry standard 4 digit Merchant Category Code (MCC). This classifies the business based on the type of goods or services it provides.

This setting may be set to specify a different POS condition code. The class will automatically set this to an appropriate value, however this may be set to provide a specific values. This is only applicable when the IndustryType is set to Retail or Restaurant. Possible values are:

Because this setting is only applicable to Retail or Restaurant transactions not all values listed above are relevant.

This may optionally be set to identify the specific point of sale device, for instance a lane number. This may be up to 4 digits in length. This setting is only applicable when IndustryType is set to Retail.

This setting specifies the terminal's ability to capture card information. Possible values are:

The default value is 1.

Note: If set to 0 track data must not be specified.

This settings defines what entry modes are supported by the terminal. Possible values are:

The default value is 00 (unspecified).

Note: The value 04 cannot be specified unless the client is certified and the device is enabled for EMV.

This setting specifies the terminal's ability to accept PIN entry. Possible values are:

The default value is 1.

This setting specifies the terminal's ability to prompt for tax when performing a transaction with Level 2 commercial cards. Possible values are:

By default this is set to -1 and will not be sent in the request.

This setting specifies the voice approval code obtained when authenticating the transaction over the phone with the issuer. Set this before calling Capture.

This setting must be set to 4 digit the FDMS assigned token type. This is required when requesting a token.

This setting allows you to specify the type of TransArmor security to be used when authorizing and settling transactions. The available modes are:

Note: Your merchant account must be configured to use TransArmor. The configuration is 'Mode' specific and thus you must inform FDMS which type of TransArmor Security Level you wish to use.

This setting allows you to retrieve a TransArmorKey that will be used to perform TransArmor encryption (TransArmorMode = 1). When this is set to "true" the class will perform the request immediately. Upon a successful call, both TransArmorKey and TransArmorKeyId will be populated with the values assigned to you by FDMS.

This setting allows you to retrieve and specify the key used to perform the encryption of the Card data. When a successful call to UpdateTransArmorKey is made, this setting will be populated with your assigned key. Store this key for future use. This setting is required for any transactions that you perform using TransArmor encryption (TransArmorMode = 1).

This setting allows you to retrieve and specify the Id of the TransArmorKey used to perform the encryption of the Card data. When a successful call to UpdateTransArmorKey is made, this setting will be populated with your assigned key ID. Store this key Id for future use. This setting is required for any transactions that you perform using TransArmor encryption (TransArmorMode = 1).

This setting allows you to retrieve and specify the Token returned in an authorization response when using TransArmor (TransArmorMode = 1 OR 2). When an authorization is performed using TransArmor, a Token will be returned in the response. This Token will be used in all subsequent requests (such as reversals and settlement) in place of the CardNumber or CardMagneticStripe.

This setting allows you to retrieve and specify the Provider Id returned in an authorization response when using TransArmor (TransArmorMode = 1 OR 2). When an authorization is performed using TransArmor, a Provider Id will be returned in the response along with a TransArmorToken. This Provider Id will be used in all subsequent requests (such as reversals and settlement) and must be specified along with TransArmorToken.

This setting allows you to identify whether your TransArmorKey needs to be updated. When performing an authorization using TransArmor, it is possible that FDMS will request that you update your TransArmorKey. This setting should be queried after every authorization is performed. If the returned value is "False", no key update is required. If "True" is returned, you should update your key by calling UpdateTransArmorKey after the completion of the function in progress (i.e. authorization). If the key update request was successful, you should update your TransArmorKey and TransArmorKeyId values. If the key update request fails, you can continue using your same TransArmorKey and TransArmorKeyId values until another key update indicator is received.

This setting allows you to retrieve a TransArmorToken for a specified card. Upon a successful call, both TransArmorToken and TransArmorProviderId will be populated with the values assigned to you by FDMS. In particular, this method is used when performing a Credit or Force using a TransArmorMode of '0' (Tokenization Only) or '1' (Encryption and Tokenization). So prior to adding the needed detail record to the FDMSSettle component, you will first retrieve a TransArmorToken by calling GetTransArmorToken for the card that you wish to use. The received TransArmorToken and TransArmorProviderId will then be set within the detail record (instead of the card data) and can be added to the FDMSSettle component.

This field is used along with EMVOnlineKSN to perform EMV online PIN transactions. The value of this property must be retrieved from a certified PIN pad device. This property is only valid for Card Present transactions. The maximum length is 16 characters.

This field is used along with EMVOnlinePIN to perform EMV online PIN transactions. The value of this property must be retrieved from a certified PIN pad device. This property is only valid for Card Present transactions. The maximum length is 20 characters.

When AllowHTTPCompression is true, the class adds an "Accept-Encoding: " header to the request being sent to the server. By default, this header's value is "gzip, deflate". This config allows you to change the value of the "Accept-Encoding" header. NOTE: The class only supports gzip and deflate decompression algorithms.

This is the same as the AllowHTTPCompression property. This setting is exposed here for use by classs that inherit from HTTP.

By default the class does not allow redirects to the same URL to avoid redirect loops. In some cases the server may intentionally redirect the client back to the same URL. In that case this setting may be set to True to allow the redirect to be followed. The default value is False.

This setting determines whether data is appended when writing to LocalFile. When set to True downloaded data will be appended to LocalFile. This may be used in conjunction with Range to resume a failed download. This is only applicable when LocalFile is set. The default value is False.

If the Authorization property contains a non-empty string, an Authorization HTTP request header is added to the request. This header conveys Authorization information to the server.

This property is provided so that the HTTP class can be extended with other security schemes in addition to the authorization schemes already implemented by the class.

The AuthScheme property defines the authentication scheme used. In the case of HTTP Basic Authentication (default), every time User and Password are set, they are Base64 encoded, and the result is put in the Authorization property in the form "Basic [encoded-user-password]".

Returns the raw number of bytes from the HTTP response data, prior to the component processing the data, whether it is chunked and/or compressed. This returns the same value as the Transfer event, by BytesTransferred.

The default value is false. If set to true the URL passed to the class will be URL encoded.

This option determines what happens when the server issues a redirect. Normally, the class returns an error if the server responds with an "Object Moved" message. If this property is set to 1 (always), the new URL for the object is retrieved automatically every time.

If this property is set to 2 (Same Scheme), the new URL is retrieved automatically only if the URL Scheme is the same, otherwise the class fails with an error.

Note that following the HTTP specification, unless this option is set to 1 (Always), automatic redirects will be performed only for 'GET' or 'HEAD' requests. Other methods could potentially change the conditions of the initial request and create security vulnerabilities.

Furthermore, if either the new URL server and port are different than the existing one, User and Password are also reset to empty, unless this property is set to 1 (Always), in which case the same credentials are used to connect to the new server.

A Redirect event is fired for every URL the product is redirected to. In the case of automatic redirections, the Redirect event is a good place to set properties related to the new connection (e.g. new authentication parameters).

The default value is 0 (Never). In this case, redirects are never followed, and the class fails with an error instead.

Valid options are:

• 0 - Never
• 1 - Always
• 2 - Same Scheme

The default value is false. If set to true the class will perform a GET on the new location. Otherwise it will use the same HTTP method again.

Possible values include "1.0", and "1.1". The default is "1.1".

This is the same as the IfModifiedSince property. This setting is exposed here for use by classs that inherit from HTTP.

If true, the component will not send the 'Connection: Close' header. The absence of the Connection header indicates to the server that HTTP persistent connections should be used if supported. Note that not all server support persistent connections. You may also explicitly add the Keep-Alive header to the request headers by setting OtherHeaders to 'Connection: Keep-Alive'. If false, the connection will be closed immediately after the server response is received.

The default value for KeepAlive is false.

When FollowRedirects is set to any value besides frNever the class will follow redirects until this maximum number of redirect attempts are made. The default value is 20.

This configuration option can be set to a string of headers to be appended to the HTTP request headers.

The headers must be of the format "header: value" as described in the HTTP specifications. Header lines should be separated by CRLF ("\r\ n") .

Use this configuration option with caution. If this configuration option contains invalid headers, HTTP requests may fail.

This configuration option is useful for extending the functionality of the class beyond what is provided.

Similar to the Authorization config, but for proxy authorization. If this config contains a non-empty string, a Proxy-Authorization HTTP request header is added to the request. This header conveys proxy authorization information to the server. If ProxyUser and ProxyPassword are specified, this value is calculated using the algorithm specified by ProxyAuthScheme.

This is the same as ProxyAuthScheme. This setting is provided for use by classs that do not directly expose Proxy properties.

This is the same as ProxyPassword. This setting is provided for use by classs that do not directly expose Proxy properties.

This is the same as ProxyPort. This setting is provided for use by classs that do not directly expose Proxy properties.

This is the same as ProxyServer. This setting is provided for use by classs that do not directly expose Proxy properties.

This is the same as ProxyUser. This setting is provided for use by classs that do not directly expose Proxy properties.

If TransferredDataLimit is set to 0 (default), no limits are imposed. Otherwise this reflects the maximum number of incoming bytes that can be stored by the class.

This configuration setting returns the complete set of raw headers as received from the server.

If UseChunkedEncoding is set to true, the class will use HTTP chunked encoding when posting if possible. HTTP chunked encoding allows large files to be sent in chunks instead of all at once. If set to false, the class will not use HTTP chunked encoding. The default value is false.

Note: Some servers (such as the ASP.NET Development Server) may not support chunked encoding.

This is only applicable when UseChunkedEncoding is true. This setting specifies the chunk size in bytes to be used when posting data. The default value is 16384.

If True, the component will use the default HTTP client for the platform (URLConnection in Java, WebRequest in .NET, or CFHTTPMessage in Mac/iOS) instead of the internal HTTP implementation. This is important for environments where direct access to sockets is limited or not allowed (as in the Google AppEngine for instance).

Note: This setting is only applicable to Mac/iOS editions.

This is the value supplied in the HTTP User-Agent header. The default setting is "/n software IPWorks HTTP/S Component - www.nsoftware.com".

Override the default with the name and version of your software.

If the Service Principal Name on the Kerberos Domain Controller is not the same as the URL that you are authenticating to, the Service Principal Name should be set here.

When set, this configuration setting allows you to specify a different timeout value for establishing a connection. Otherwise, the class will use Timeout for establishing a connection and transmitting/receiving data.

This is the same as FirewallAutoDetect. This setting is provided for use by classs that do not directly expose Firewall properties.

If a FirewallHost is given, requested connections will be authenticated through the specified firewall when connecting.

If the FirewallHost setting is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, the FirewallHost setting is set to the corresponding address. If the search is not successful, an error is returned.

NOTE: This is the same as FirewallHost. This setting is provided for use by classs that do not directly expose Firewall properties.

If FirewallHost is specified, the FirewallUser and FirewallPassword settings are used to connect and authenticate to the given firewall. If the authentication fails, the class fails with an error.

NOTE: This is the same as FirewallPassword. This setting is provided for use by classs that do not directly expose Firewall properties.

Note that the FirewallPort is set automatically when FirewallType is set to a valid value.

NOTE: This is the same as FirewallPort. This setting is provided for use by classs that do not directly expose Firewall properties.

The appropriate values are as follows:

NOTE: This is the same as FirewallFirewallType. This setting is provided for use by classs that do not directly expose Firewall properties.

If the FirewallHost is specified, the FirewallUser and FirewallPassword settings are used to connect and authenticate to the Firewall. If the authentication fails, the class fails with an error.

NOTE: This is the same as FirewallUser. This setting is provided for use by classs that do not directly expose Firewall properties.

When set, TCPKeepAlive will automatically be set to true. By default the operating system will determine the time a connection is idle before a TCP keep-alive packet is sent. This system default if this value is not specified here is 2 hours. In many cases a shorter interval is more useful. Set this value to the desired interval in milliseconds.

Note: This value is not applicable in Java.

When set, TCPKeepAlive will automatically be set to true. A TCP keep-alive packet will be sent after a period of inactivity as defined by KeepAliveTime. If no acknowledgement is received from the remote host the keep-alive packet will be re-sent. This setting specifies the interval at which the successive keep-alive packets are sent in milliseconds. This system default if this value is not specified here is 1 second.

Note: This value is not applicable in Java or MAC.

When set, TCPKeepAlive will automatically be set to true. A TCP keep-alive packet will be sent after a period of inactivity as defined by KeepAliveTime. If no acknowledgement is received from the remote host the keep-alive packet will be re-sent. This setting specifies the number of times that the keep-alive packets will be re-sent before the remote host is considered disconnected. The system default if this value is not specified here is 9.

Note: This configuration setting is only available in the Unix platform, and isn't supported in Mac OS or FreeBSD.

This property controls how a connection is closed. The default is True.

In the case that Linger is True (default), there are two scenarios for determining how long the connection will linger. The first, if LingerTime is 0 (default), the system will attempt to send pending data for a connection until the default IP protocol timeout expires.

In the second scenario, LingerTime is a positive value, the system will attempt to send pending data until the specified LingerTime is reached. If this attempt fails, then the system will reset the connection.

The default behavior (which is also the default mode for stream sockets) might result in a long delay in closing the connection. Although the class returns control immediately, the system could hold system resources until all pending data is sent (even after your application closes).

Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you sent (by a client acknowledgment, for example), setting this property to False might be the appropriate course of action.

LingerTime is the time, in seconds, to leave the socket connection linger. This value is 0 by default, which means it will use the default IP protocol timeout.

The LocalHost setting contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface.

If the class is connected, the LocalHost setting shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).

This must be set before a connection is attempted. It instructs the class to bind to a specific port (or communication endpoint) in the local machine.

Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be shown by LocalPort after the connection is established.

LocalPort cannot be changed once a connection is made. Any attempt to set this when a connection is active will generate an error.

This; setting is useful when trying to connect to services that require a trusted port in the client side. An example is the remote shell (rsh) service in UNIX systems.

MaxLineLength is the size of an internal buffer, which holds received data while waiting for an EOL string.

If an EOL string is found in the input stream before MaxLineLength bytes are received, the DataIn event is fired with the EOL parameter set to True, and the buffer is reset.

If no EOL is found, and MaxLineLength bytes are accumulated in the buffer, the DataIn event is fired with the EOL parameter set to False, and the buffer is reset.

The minimum value for MaxLineLength is 256 bytes. The default value is 2048 bytes. The maximum value is 65536 bytes.

This setting can be used to throttle outbound TCP traffic. Set this to the number of bytes to be sent per second. By default this is not set and there is no limit.

If set to a positive value, this setting defines the length of data records to be received. The class will accumulate data until RecordLength is reached and only then fire the DataIn event with data of length RecordLength. This allows data to be received as records of known length. This value can be changed at any time, including within the DataIn event.

The default value is 0, meaning this setting is not used.

If set to true, the socket's keep-alive option is enabled and keep-alive packets will be sent periodically to maintain the connection. Set KeepAliveTime and KeepAliveInterval to configure the timing of the keep-alive packets.

Note: This value is not applicable in Java.

When set to 0 (default), the class will use IPv4 exclusively. When set to 1, the class will use IPv6 exclusively. To instruct the class to prefer IPv6 addresses, but use IPv4 if IPv6 is not supported on the system, this setting should be set to 2. The default value is 0. Possible values are:

When true, the socket will send all data that is ready to send at once. When false, the socket will send smaller buffered packets of data at small intervals. This is known as the Nagle algorithm.

By default, this config is set to false.

If set to true, the component will reuse the context if and only if the following criteria are met:

• The target host name is the same.
• The system cache entry has not expired (default timeout is 10 hours).
• The application process that calls the function is the same.
• The logon session is the same.
• The instance of the component is the same.

This minimum cipher strength largely dependent on the security modules installed on the system. If the cipher strength specified is not supported, an error will be returned when connections are initiated.

Please note that this setting contains the minimum cipher strength requested from the security library. The actual cipher strength used for the connection is shown by the SSLStatus event.

Use this setting with caution. Requesting a lower cipher strength than necessary could potentially cause serious security vulnerabilities in your application.

When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList config setting.

Used to enable/disable the supported security protocols.

Not all supported protocols are enabled by default (the value of this setting is 4032). If you want more granular control over the enabled protocols, you can set this property to the binary 'OR' of one or more of the following values:

When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList config setting.

TLS 1.1 and TLS1.2 support are only available starting with Windows 7.

Change this setting to use security providers other than the system default.

Use this setting with caution. Disabling SSL security or pointing to the wrong provider could potentially cause serious security vulnerabilities in your application.

The special value "*" (default) picks the default SSL provider defined in the system.

Note: On Windows systems, the default SSL Provider is "Microsoft Unified Security Protocol Provider" and cannot be changed.

The following flags are defined (specified in hexadecimal notation). They can be or-ed together to exclude multiple conditions:

This functionality is currently not available when the provider is OpenSSL.

This functionality is available only when the provider is OpenSSL.

The path set by this property should point to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). OpenSSL recommends to use the c_rehash utility to create the necessary links. Please refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.

This functionality is available only when the provider is OpenSSL.

The file set by this property should contain a list of CA certificates in PEM format. The file can contain several CA certificates identified by

-----BEGIN CERTIFICATE-----

... (CA certificate in base64 encoding) ...

-----END CERTIFICATE-----

sequences. Before, between, and after the certificates text is allowed which can be used e.g. for descriptions of the certificates. Please refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.

This functionality is available only when the provider is OpenSSL.

The format of this string is described in the OpenSSL man page ciphers(1) section "CIPHER LIST FORMAT". Please refer to it for details. The default string "DEFAULT" is determined at compile time and is normally equivalent to "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH".

This functionality is available only when the provider is OpenSSL.

By default OpenSSL uses the device file "/dev/urandom" to seed the PRNG and setting OpenSSLPrngSeedData is not required. If set, the string specified is used to seed the PRNG.

If AbsoluteTimeout is set to True, any method which does not complete within Timeout seconds will be aborted. By default, AbsoluteTimeout is False, and the timeout is an inactivity timeout.

Note: This option is not valid for UDP ports.

When the firewall is a tunneling proxy, use this property to send custom (additional) headers to the firewall (e.g. headers for custom authentication schemes).

This is the size of an internal queue in the TCP/IP stack. You can increase or decrease its size depending on the amount of data that you will be receiving. Increasing the value of the InBufferSize setting can provide significant improvements in performance in some cases.

Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the InBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.

This is the size of an internal queue in the TCP/IP stack. You can increase or decrease its size depending on the amount of data that you will be sending. Increasing the value of the OutBufferSize setting can provide significant improvements in performance in some cases.

Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the OutBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.

When set, this configuration setting allows you to specify a different timeout value for establishing a connection. Otherwise, the class will use Timeout for establishing a connection and transmitting/receiving data.

This is the same as FirewallAutoDetect. This setting is provided for use by classs that do not directly expose Firewall properties.

If a FirewallHost is given, requested connections will be authenticated through the specified firewall when connecting.

If the FirewallHost setting is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, the FirewallHost setting is set to the corresponding address. If the search is not successful, an error is returned.

NOTE: This is the same as FirewallHost. This setting is provided for use by classs that do not directly expose Firewall properties.

If FirewallHost is specified, the FirewallUser and FirewallPassword settings are used to connect and authenticate to the given firewall. If the authentication fails, the class fails with an error.

NOTE: This is the same as FirewallPassword. This setting is provided for use by classs that do not directly expose Firewall properties.

Note that the FirewallPort is set automatically when FirewallType is set to a valid value.

NOTE: This is the same as FirewallPort. This setting is provided for use by classs that do not directly expose Firewall properties.

The appropriate values are as follows:

NOTE: This is the same as FirewallFirewallType. This setting is provided for use by classs that do not directly expose Firewall properties.

If the FirewallHost is specified, the FirewallUser and FirewallPassword settings are used to connect and authenticate to the Firewall. If the authentication fails, the class fails with an error.

NOTE: This is the same as FirewallUser. This setting is provided for use by classs that do not directly expose Firewall properties.

When set, TCPKeepAlive will automatically be set to true. By default the operating system will determine the time a connection is idle before a TCP keep-alive packet is sent. This system default if this value is not specified here is 2 hours. In many cases a shorter interval is more useful. Set this value to the desired interval in milliseconds.

Note: This value is not applicable in Java.

When set, TCPKeepAlive will automatically be set to true. A TCP keep-alive packet will be sent after a period of inactivity as defined by KeepAliveTime. If no acknowledgement is received from the remote host the keep-alive packet will be re-sent. This setting specifies the interval at which the successive keep-alive packets are sent in milliseconds. This system default if this value is not specified here is 1 second.

Note: This value is not applicable in Java or MAC.

When set, TCPKeepAlive will automatically be set to true. A TCP keep-alive packet will be sent after a period of inactivity as defined by KeepAliveTime. If no acknowledgement is received from the remote host the keep-alive packet will be re-sent. This setting specifies the number of times that the keep-alive packets will be re-sent before the remote host is considered disconnected. The system default if this value is not specified here is 9.

Note: This configuration setting is only available in the Unix platform, and isn't supported in Mac OS or FreeBSD.

This property controls how a connection is closed. The default is True.

In the case that Linger is True (default), there are two scenarios for determining how long the connection will linger. The first, if LingerTime is 0 (default), the system will attempt to send pending data for a connection until the default IP protocol timeout expires.

In the second scenario, LingerTime is a positive value, the system will attempt to send pending data until the specified LingerTime is reached. If this attempt fails, then the system will reset the connection.

The default behavior (which is also the default mode for stream sockets) might result in a long delay in closing the connection. Although the class returns control immediately, the system could hold system resources until all pending data is sent (even after your application closes).

Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you sent (by a client acknowledgment, for example), setting this property to False might be the appropriate course of action.

LingerTime is the time, in seconds, to leave the socket connection linger. This value is 0 by default, which means it will use the default IP protocol timeout.

The LocalHost setting contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface.

If the class is connected, the LocalHost setting shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).

This must be set before a connection is attempted. It instructs the class to bind to a specific port (or communication endpoint) in the local machine.

Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be shown by LocalPort after the connection is established.

LocalPort cannot be changed once a connection is made. Any attempt to set this when a connection is active will generate an error.

This; setting is useful when trying to connect to services that require a trusted port in the client side. An example is the remote shell (rsh) service in UNIX systems.

MaxLineLength is the size of an internal buffer, which holds received data while waiting for an EOL string.

If an EOL string is found in the input stream before MaxLineLength bytes are received, the DataIn event is fired with the EOL parameter set to True, and the buffer is reset.

If no EOL is found, and MaxLineLength bytes are accumulated in the buffer, the DataIn event is fired with the EOL parameter set to False, and the buffer is reset.

The minimum value for MaxLineLength is 256 bytes. The default value is 2048 bytes. The maximum value is 65536 bytes.

This setting can be used to throttle outbound TCP traffic. Set this to the number of bytes to be sent per second. By default this is not set and there is no limit.

If set to a positive value, this setting defines the length of data records to be received. The class will accumulate data until RecordLength is reached and only then fire the DataIn event with data of length RecordLength. This allows data to be received as records of known length. This value can be changed at any time, including within the DataIn event.

The default value is 0, meaning this setting is not used.

If set to true, the socket's keep-alive option is enabled and keep-alive packets will be sent periodically to maintain the connection. Set KeepAliveTime and KeepAliveInterval to configure the timing of the keep-alive packets.

Note: This value is not applicable in Java.

When set to 0 (default), the class will use IPv4 exclusively. When set to 1, the class will use IPv6 exclusively. To instruct the class to prefer IPv6 addresses, but use IPv4 if IPv6 is not supported on the system, this setting should be set to 2. The default value is 0. Possible values are:

When true, the socket will send all data that is ready to send at once. When false, the socket will send smaller buffered packets of data at small intervals. This is known as the Nagle algorithm.

By default, this config is set to false.

If set to true, the component will reuse the context if and only if the following criteria are met:

• The target host name is the same.
• The system cache entry has not expired (default timeout is 10 hours).
• The application process that calls the function is the same.
• The logon session is the same.
• The instance of the component is the same.

This minimum cipher strength largely dependent on the security modules installed on the system. If the cipher strength specified is not supported, an error will be returned when connections are initiated.

Please note that this setting contains the minimum cipher strength requested from the security library. The actual cipher strength used for the connection is shown by the SSLStatus event.

Use this setting with caution. Requesting a lower cipher strength than necessary could potentially cause serious security vulnerabilities in your application.

When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList config setting.

Used to enable/disable the supported security protocols.

Not all supported protocols are enabled by default (the value of this setting is 4032). If you want more granular control over the enabled protocols, you can set this property to the binary 'OR' of one or more of the following values:

When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList config setting.

TLS 1.1 and TLS1.2 support are only available starting with Windows 7.

Change this setting to use security providers other than the system default.

Use this setting with caution. Disabling SSL security or pointing to the wrong provider could potentially cause serious security vulnerabilities in your application.

The special value "*" (default) picks the default SSL provider defined in the system.

Note: On Windows systems, the default SSL Provider is "Microsoft Unified Security Protocol Provider" and cannot be changed.

The following flags are defined (specified in hexadecimal notation). They can be or-ed together to exclude multiple conditions:

This functionality is currently not available when the provider is OpenSSL.

This functionality is available only when the provider is OpenSSL.

The path set by this property should point to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must hence be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). OpenSSL recommends to use the c_rehash utility to create the necessary links. Please refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.

This functionality is available only when the provider is OpenSSL.

The file set by this property should contain a list of CA certificates in PEM format. The file can contain several CA certificates identified by

-----BEGIN CERTIFICATE-----

... (CA certificate in base64 encoding) ...

-----END CERTIFICATE-----

sequences. Before, between, and after the certificates text is allowed which can be used e.g. for descriptions of the certificates. Please refer to the OpenSSL man page SSL_CTX_load_verify_locations(3) for details.

This functionality is available only when the provider is OpenSSL.

The format of this string is described in the OpenSSL man page ciphers(1) section "CIPHER LIST FORMAT". Please refer to it for details. The default string "DEFAULT" is determined at compile time and is normally equivalent to "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH".

This functionality is available only when the provider is OpenSSL.

By default OpenSSL uses the device file "/dev/urandom" to seed the PRNG and setting OpenSSLPrngSeedData is not required. If set, the string specified is used to seed the PRNG.

If AbsoluteTimeout is set to True, any method which does not complete within Timeout seconds will be aborted. By default, AbsoluteTimeout is False, and the timeout is an inactivity timeout.

Note: This option is not valid for UDP ports.

When the firewall is a tunneling proxy, use this property to send custom (additional) headers to the firewall (e.g. headers for custom authentication schemes).

This is the size of an internal queue in the TCP/IP stack. You can increase or decrease its size depending on the amount of data that you will be receiving. Increasing the value of the InBufferSize setting can provide significant improvements in performance in some cases.

Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the InBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.

This is the size of an internal queue in the TCP/IP stack. You can increase or decrease its size depending on the amount of data that you will be sending. Increasing the value of the OutBufferSize setting can provide significant improvements in performance in some cases.

Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the class is activated the OutBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.

If there are no events to process when DoEvents is called, the class will wait for the amount of time specified here before returning. The default value is 20.

The default code page is the Active Code Page (0).

The following is a list of valid code page identifiers:

The following is a list of valid code page identifiers for Mac OS only: