C H A P T E R 5
Command
config policygroup
service key suite
config ssl cache
196
HP Traffic Director Server Appliances User Guide
Description
Specifies a cipher suite for each type of service.
config policygroup <policy-name> service
<service-name> key suite [ all | high |
medium | low | export | <custom> ]
<CIPHERSUITE>
where:
•
policy-name is the name of an existing policy group
•
service-name is the name of the service you want to create
•
CIPHERSUITE is a string representing the desired cipher
suite, for example: RC4-MD5
The suite is one of the following:
•
all = all supported ciphers (including export ciphers)
•
high = all ciphers with 168-bit encryption (triple-DES)
•
medium = all ciphers with 128-bit and above encryption,
including high
•
low = all ciphers with 64-bit and above encryption, including
medium and high
•
export = all export ciphers only
•
custom = user-defined cipher
•
default = use the default specified value in the 'config ssl'
level
Enables or disables the SA8220's SSL session reuse capability.
Enabling the cache can provide a performance benefit for SSLv2
clients. This option must be disabled if the majority of the traffic
uses SSLv3. Users must consult their client browser software to
determine the protocol used.
config ssl cache [enable|disable]
where:
•
enable enables the SSL session reuse capability
•
disable disables the SSL session reuse capability