Configuration procedure
Follow these steps to configure an SSL server policy:

1. Enter system view.
   Command: system-view

2. Create an SSL server policy and enter its view.
   Command: ssl server-policy policy-name
   Remarks: Required.

3. Specify a PKI domain for the SSL server policy.
   Command: pki-domain domain-name
   Remarks: Required. By default, no PKI domain is specified for an SSL server policy.

4. Specify the cipher suite(s) for the SSL server policy to support.
   Command: ciphersuite [ rsa_3des_ede_cbc_sha | rsa_aes_128_cbc_sha | rsa_aes_256_cbc_sha | rsa_des_cbc_sha | rsa_rc4_128_md5 | rsa_rc4_128_sha ] *
   Remarks: Optional. By default, an SSL server policy supports all cipher suites.

5. Set the handshake timeout time for the SSL server.
   Command: handshake timeout time
   Remarks: Optional. 3,600 seconds by default.

6. Set the SSL connection close mode.
   Command: close-mode wait
   Remarks: Optional. Not wait by default.

7. Set the maximum number of cached sessions and the caching timeout time.
   Command: session { cachesize size | timeout time } *
   Remarks: Optional. The defaults are 500 for the maximum number of cached sessions and 3600 seconds for the caching timeout time.

8. Configure the server to require certificate-based SSL client authentication.
   Command: client-verify enable
   Remarks: Optional. By default, the SSL server does not require the client to be authenticated.

9. Enable SSL client weak authentication.
   Command: client-verify weaken
   Remarks: Optional. Disabled by default. This command takes effect only when the client-verify enable command is configured.
NOTE:
• If you enable client authentication here, you must request a local certificate for the client.
• SSL mainly comes in these versions: SSL 2.0, SSL 3.0, and TLS 1.0, where TLS 1.0 corresponds to SSL 3.1. When the switch acts as an SSL server, it can communicate with clients running SSL 3.0 or TLS 1.0, and can identify Hello packets from clients running SSL 2.0. If a client running SSL 2.0 also supports SSL 3.0 or TLS 1.0 (information about supported versions is carried in the packet that the client sends to the server), the server notifies the client to use SSL 3.0 or TLS 1.0 to communicate with the server.
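As an added example that is not part of this guide, the following Python check reads the ssl server-policy views out of a saved configuration and flags the settings from the procedure above that weaken a policy: a missing PKI domain, the DES/RC4/3DES cipher suites (including the default of supporting all suites), and client-verify weaken. It assumes the configuration is laid out like display current-configuration output (sub-commands indented by one space, views closed by a "#" line); the policy names and the PKI domain switch-ca are constructed.

```python
import re
# Suites selectable with the ciphersuite command; a defender flags DES, RC4 and 3DES and keeps only AES.
WEAK_SUITES = {"rsa_des_cbc_sha", "rsa_3des_ede_cbc_sha", "rsa_rc4_128_md5", "rsa_rc4_128_sha"}
ALL_SUITES = WEAK_SUITES | {"rsa_aes_128_cbc_sha", "rsa_aes_256_cbc_sha"}
# Constructed sample in the style of a Comware running configuration (names and "switch-ca" are made up).
SAMPLE_CONFIG = """\
#
ssl server-policy legacy
 pki-domain switch-ca
 ciphersuite rsa_rc4_128_md5 rsa_aes_128_cbc_sha
 client-verify enable
 client-verify weaken
#
ssl server-policy hardened
 pki-domain switch-ca
 ciphersuite rsa_aes_256_cbc_sha rsa_aes_128_cbc_sha
 client-verify enable
#
"""

def parse_policies(config_text):
    policies, cur = {}, None  # map each policy name to the settings found in its view
    for line in config_text.splitlines():
        m = re.match(r"^ssl server-policy (\S+)$", line)
        if m:
            cur = {"pki_domain": None, "suites": None, "enable": False, "weaken": False}
            policies[m.group(1)] = cur
        elif cur is not None and line.startswith(" "):  # indented line = sub-command of the view
            parts = line.split()
            if parts[0] == "pki-domain":
                cur["pki_domain"] = parts[1]
            elif parts[0] == "ciphersuite":
                cur["suites"] = set(parts[1:])
            elif parts[0] == "client-verify":
                cur[parts[1]] = True  # "enable" or "weaken"
        else:
            cur = None  # a "#" line or an unrelated command ends the view
    return policies

def audit(policy):
    findings = []  # empty list means the policy passed every check
    if policy["pki_domain"] is None:
        findings.append("no PKI domain specified (required)")
    # No ciphersuite line means the policy supports all suites by default.
    weak = sorted((ALL_SUITES if policy["suites"] is None else policy["suites"]) & WEAK_SUITES)
    if weak:
        findings.append("weak cipher suites enabled: " + " ".join(weak))
    if policy["enable"] and policy["weaken"]:
        findings.append("client-verify weaken undermines client authentication")
    return findings
```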