# Server Connection: PR5S

Fields with the asterisk \* are mandatory.

<table><thead><tr><th width="216.57781982421875">Value</th><th>Description</th></tr></thead><tbody><tr><td><strong>SERVER NAME *</strong></td><td>Enter a unique name for the server.</td></tr><tr><td><strong>DESCRIPTION *</strong> </td><td>Provide a brief description of the server.</td></tr><tr><td><strong>PORT *</strong></td><td>Enter the port to connect to the server. This is the TCP/IP port the server will listen to in the STENG node.</td></tr><tr><td><strong>QMANAGER NAME *</strong></td><td>Enter the SPAZIO local Queue Manager. Maximum 48 characters.</td></tr><tr><td><strong>DEFAULT CHARSET *</strong></td><td>Select the default charset used to convert the received text in the external file.<br>For a list of the default charset, follow this <a href="/pages/bXblCQPvaPonLHqKDwk2#default-charset">link</a>.</td></tr><tr><td><strong>USE EXTERNAL KEYSTORE *</strong></td><td>Enable this toggle button to use an external HSM. These fields will appear:<br>- <strong>Server key label *</strong>: equivalent to the <strong>SERVER KEYLABEL</strong> above. Enter the alias or label of the Private Key and Certificate stored in the HSM to be used to create the SSL connection.<br>- <strong>Token type</strong>: string provided by the HSM vendor. <br>- <strong>Token name</strong>: string provided by the HSM vendor. </td></tr><tr><td><strong>SERVER KEYLABEL *</strong></td><td>Select the alias or label of the Private Key and Certificate to be used to create the SSL connection.</td></tr><tr><td><strong>AUTHENTICATION PROTOCOL</strong></td><td>Select the SSL authentication protocol. Possible values:<br><strong>ALL</strong><br><strong>ONLY SPECIFIC VALUES:</strong><br>SSLv3<br>TLSv1<br>TLSv1_1<br>TLSv1_2<br>TLSv1_3</td></tr><tr><td><strong>ACCEPTED CIPHER SUITES</strong></td><td>Select the cipherSuites accepted to establish SSL connection.<br>For a list of all accepted Cipher Suites, follow this <a href="/pages/bXblCQPvaPonLHqKDwk2#accepted-cipher-suites">link</a>.</td></tr><tr><td><strong>REQUIRE CLIENT AUTHENTICATION *</strong></td><td>Enable the toggle button if you want the server to require SSL Client Authentication to the client that is connecting.<br>If enabled, the CLIENT CERTIFICATE MATCH field appears, and the appropriate option must be selected in the drop-down menu – details in the field here below.</td></tr><tr><td><strong>CLIENT CERTIFICATE MATCH</strong></td><td>This field appears if the Require Client Authentication button is enabled. It defines if the Certificate required for Client Authentication will be matched and how. Possible values:<br>- <strong>NONE</strong>: the Certificate will not be matched. The presence of a valid Certificate is enough to proceed. This is the less secure option.<br>- <strong>CNEQUALS</strong> (default value): the Common Name field of the subject of the Certificate must be exactly the same as the user name. This is the most restrictive option.<br>- <strong>CNCONTAINS</strong>: the Common Name field of the subject of the Certificate must contain the user name.</td></tr></tbody></table>

<table><thead><tr><th width="220.844482421875">DMZ mode</th><th></th></tr></thead><tbody><tr><td><strong>NONE (default)</strong></td><td>No session proxying through DMZ Gateway applied.</td></tr><tr><td><strong>PORT_FORWARDING</strong></td><td>Incoming/Outgoing connections to/from STENG server will be proxied inside an SSL tunnel without being validated in advance.<br>- <strong>DMZ PROXY PORT *</strong>: this port represents the tunnel that is opened for connection with the STENG Server.<br>- <strong>SERVER KEYLABEL</strong>: select the label of private key to be used by the SFTP server exposed in the DMZ Gateway.<br>- <strong>AUTHENTICATION PROTOCOL</strong>: select the SSL authentication protocol. Possible values:<br>   - <strong>ALL</strong><br>   - <strong>ONLY SPECIFIC VALUES:</strong><br>     SSLv3<br>     TLSv1<br>     TLSv1_1<br>     TLSv1_2<br>     TLSv1_3<br>- <strong>ACCEPTED CIPHER SUITES</strong>: for a list of all accepted Cipher Suites, follow this <a href="/pages/bXblCQPvaPonLHqKDwk2#accepted-cipher-suites">link</a>.<br>- <strong>REQUIRE CLIENT AUTHENTICATION *</strong>: enable the toggle button if SSL Client authentication must be required.</td></tr><tr><td><strong>SESSION_TERMINATION</strong></td><td>The server session will be terminated inside the DMZ Gateway, before data is sent to STENG server.<br>- <strong>DMZ PROXY PORT *</strong>: this port represents the tunnel that is opened for connection with the STENG Server.<br>- <strong>SERVER PORT *</strong>: enter the DMZ server port to be used for the connection.<br>- <strong>Use external keystore for DMZ *</strong>: enable this toggle button to use an external HSM for DMZ. These fields will appear:<br>   - <strong>DMZ Server key label *</strong>: equivalent to the <strong>SERVER KEYLABEL</strong> below. Enter the label of the private key stored in the HSM to be used by the SFTP server exposed in the DMZ Gateway.<br>   - <strong>DMZ Token type</strong>: string provided by the HSM vendor. <br>   - <strong>DMZ Token name</strong>: string provided by the HSM vendor. <br>- <strong>SERVER KEYLABEL</strong>: select the label of private key to be used by the SFTP server exposed in the DMZ Gateway.<br>- <strong>AUTHENTICATION PROTOCOL</strong>: select the SSL authentication protocol. Possible values:<br>   - <strong>ALL</strong><br>   - <strong>ONLY SPECIFIC VALUES:</strong><br>     SSLv3<br>     TLSv1<br>     TLSv1_1<br>     TLSv1_2<br>     TLSv1_3<br>- <strong>ACCEPTED CIPHER SUITES</strong>: for a list of all accepted Cipher Suites, follow this <a href="/pages/bXblCQPvaPonLHqKDwk2#accepted-cipher-suites">link</a>.<br>- <strong>REQUIRE CLIENT AUTHENTICATION *</strong>: enable the toggle button if SSL Client authentication must be required.</td></tr><tr><td></td><td></td></tr></tbody></table>

To change any DMZ port of a PR5S server that belongs to a peer, select the server you want to update. Next, click the pencil icon in the top-right corner of the server card. Enter the new port or ports in the appropriate fields. Finally, click the **SAVE** button to confirm your changes. Remember that the new port number will only affect the peer's selected server.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.primeur.com/data-mover-1.21/transfer-protocols-and-connectors/server-connections/server-connection-pr5s.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.