Displaying And Maintaining Ssl - HP 12500 Series Configuration Manual

Step
3. Specify a PKI domain for the
SSL client policy.
4. Specify the preferred cipher
suite for the SSL client policy.
5. Specify the SSL protocol
version for the SSL client
policy.
6. Enable certificate-based SSL
server authentication.

Displaying and maintaining SSL

Task
Display SSL server policy
information.
Display SSL client policy
information.
Command
pki-domain domain-name
prefer-cipher
{ dhe_rsa_aes_128_cbc_sha |
dhe_rsa_aes_256_cbc_sha |
rsa_3des_ede_cbc_sha |
rsa_aes_128_cbc_sha |
rsa_aes_256_cbc_sha |
rsa_des_cbc_sha |
rsa_rc4_128_md5 |
rsa_rc4_128_sha }
version { ssl3.0 | tls1.0 }
server-verify enable
Command
display ssl server-policy { policy-name | all }
[ | { begin | exclude | include }
regular-expression ]
display ssl client-policy { policy-name | all }
[ | { begin | exclude | include }
regular-expression ]
317
Remarks
Optional.
No PKI domain is configured by
default.
If the SSL server authenticates the
SSL client through a digital
certificate, you must use this
command to specify a PKI domain
and request a local certificate for
the SSL client in the PKI domain.
For information about how to
configure a PKI domain, see
"Configuring PKI."
Optional.
rsa_rc4_128_md5 by default.
The rsa_3des_ede_cbc_sha,
rsa_des_cbc_sha,
rsa_rc4_128_md5, and
rsa_rc4_128_sha keywords are
not available for FIPS mode.
The dhe_rsa_aes_128_cbc_sha
and dhe_rsa_aes_256_cbc_sha
keywords are available only for
FIPS mode.
Optional.
TLS 1.0 by default.
The ssl3.0 keyword is not available
for FIPS mode.
Optional.
Enabled by default.
Remarks
Available in any view.
Available in any view.