D-Link DXS-3600 Series Cli Reference Manual page 1206
Layer 2/3 managed 10gigabit
Hide thumbs
Also See for DXS-3600 Series:
- Reference manual (1328 pages) ,
- Hardware installation manual (55 pages) ,
- Reference manual (48 pages)
Table of Contents
Advertisement
DXS-3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide
ssl-service-policy POLICY-NAME [ciphersuite [dhe-dss-3des-ede-cbc-sha] [rsa-3des-ede-cbc-
sha] [rsa-rc4-128-sha] [rsa-rc4-128-md5] [rsa-export-rc4-40-md5] | secure-trustpoint
TRUSTPOINT | session-cache-timeout TIME-OUT]
no ssl-service-policy POLICY-NAME [ciphersuite [dhe-dss-3des-ede-cbc-sha] [rsa-3des-ede-
cbc-sha] [rsa-rc4-128-sha] [rsa-rc4-128-md5] [rsa-export-rc4-40-md5] | secure-trustpoint |
session-cache-timeout]
Parameters
POLICY-NAME
ciphersuite
secure-trustpoint
TRUSTPOINT
session-cache-timeout TIME-
OUT
Default
None.
Command Mode
Global Configuration Mode.
Command Default Level
Level: 12.
Usage Guideline
This command is used to configure the SSL service policy.
Specifies the name of the SSL service policy.
(Optional) Specifies the cipher suites that should be used by the
secure service when negotiating a connection with a remote peer.
dhe-dss-3des-ede-cbc-sha - Use DH key exchange with 3DES-EDE-
CBC encryption and SHA for message digest.
rsa-3des-ede-cbc-sha - Use RSA key exchange with 3DES and DES-
EDE3-CBC for message encryption and the Secure Hash Algorithm
(SHA) for message digest.
rsa-rc4-128-sha - Use RSA key exchange with RC4 128-bit encryption
for message encryption and SHA for message digest.
rsa-rc4-128-md5 - Use RSA key exchange with RC4 128-bit
encryption for message encryption and Message Digest 5 (MD5) for
message digest.
rsa-export-rc4-40-md5 - Use RSA EXPORT key exchange with RC4
40 bits for message encryption and MD5 for message digest.
When the cipher suite is not configured, the SSL client and server will
negotiate the best cipher suite that they both support from the list of
available cipher suites. Multiple cipher suites can be specified to be
used. Use the no form of this command to disable the selected cipher
suites.
(Optional) Specifies the name of the trust-point that should be used in
SSL handshake. When this parameter is not specified, the trust-point
which is specified as the primary will be used. If no primary trust-point
is specified, the built-in certificate/key pairs will be used. In no form of
this command, the specified trust-point will be canceled and then the
built-in certificate/key pairs will be used.
(Optional) Specifies the timeout value in seconds for the information
stored in the SSL session cache. The valid range is from 60 to 86400.
When this parameter is not configured, the default session cache
timeout is 600 seconds. In the no form of this command, the SSL
session cache timeout will be reverted to the default value.
1201
Advertisement
Table of Contents
