HP 5920 Series Configuration Manual page 322
Hide thumbs
Also See for 5920 Series:
- Command reference manual (607 pages) ,
- Configuration manual (322 pages) ,
- Fc and fcoe configuration manual (257 pages)
Table of Contents
Advertisement
Step
1.
Enter system view.
2.
(Optional.) Disable SSL 3.0.
3.
Create an SSL server policy and
enter its view.
4.
(Optional.) Specify a PKI
domain for the SSL server policy.
5.
Specify the cipher suites that the
SSL server policy supports.
6.
Set the maximum number of
sessions that the SSL server can
cache.
Command
system-view
ssl version ssl3.0 disable
ssl server-policy policy-name
pki-domain domain-name
•
In non-FIPS mode:
ciphersuite
{ dhe_rsa_aes_128_cbc_sha |
exp_rsa_des_cbc_sha |
exp_rsa_rc2_md5 |
exp_rsa_rc4_md5 |
rsa_3des_ede_cbc_sha |
rsa_aes_128_cbc_sha |
rsa_aes_256_cbc_sha |
rsa_des_cbc_sha |
rsa_rc4_128_md5 |
rsa_rc4_128_sha } *
•
In FIPS mode:
In Release 2307 and Release
2310:
ciphersuite
{ dhe_rsa_aes_128_cbc_sha
| dhe_rsa_aes_256_cbc_sha
| rsa_aes_128_cbc_sha |
rsa_aes_256_cbc_sha } *
In Release 231 1P04 and later
versions:
ciphersuite
{ rsa_aes_128_cbc_sha |
rsa_aes_256_cbc_sha } *
session cachesize size
311
Remarks
N/A
By default, the device supports
SSL 3.0.
This command is available in
Release 2311P05 and later
versions.
By default, no SSL server
policies exist on the device.
By default, no PKI domain is
specified for an SSL server
policy.
If SSL clients authenticate the
server through digital
certificates, you must use this
command to specify a PKI
domain and request a local
certificate for the SSL server
through the PKI domain.
For information about how to
create and configure a PKI
domain, see
"Configuring
By default, an SSL server policy
supports all cipher suites.
By default, an SSL server can
cache a maximum of 500
sessions.
PKI."
- Quick Links:
- Configuration Guide
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
