Prefer-Cipher; Server-Verify Enable - HP 5120 SI series Command Reference Manual
Hide thumbs
Also See for 5120 SI series:
- Security configuration manual (385 pages) ,
- Installation manual (48 pages) ,
- Specification (33 pages)
Table of Contents
Advertisement
prefer-cipher
Syntax
In non-FIPS mode:
prefer-cipher { rsa_aes_128_cbc_sha | rsa_des_cbc_sha | rsa_rc4_128_md5 | rsa_rc4_128_sha }
undo prefer-cipher
In FIPS mode:
prefer-cipher { dhe_rsa_aes_128_cbc_sha | rsa_aes_128_cbc_sha }
undo prefer-cipher
View
SSL client policy view
Default level
2: System level
Parameters
dhe_rsa_aes_128_cbc_sha: Specifies the key exchange algorithm of DH_RSA, the data encryption
algorithm of 128-bit AES_CBC, and the MAC algorithm of SHA.
rsa_aes_128_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
128-bit AES_CBC, and the MAC algorithm of SHA.
rsa_des_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
DES_CBC, and the MAC algorithm of SHA.
rsa_rc4_128_md5: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
128-bit RC4, and the MAC algorithm of MD5.
rsa_rc4_128_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of 128-bit
RC4, and the MAC algorithm of SHA.
Description
Use the prefer-cipher command to specify the preferred cipher suite for an SSL client policy.
Use the undo prefer-cipher command to restore the default.
By default, the preferred cipher suite for an SSL client policy is rsa_rc4_128_md5.
Related commands: display ssl client-policy.
Examples
# Set the preferred cipher suite for SSL client policy policy1 to rsa_aes_128_cbc_sha.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] prefer-cipher rsa_aes_128_cbc_sha
server-verify enable
Syntax
server-verify enable
undo server-verify enable
277
- Quick Links:
- Command Reference
Hide quick links:
Advertisement
Table of Contents
