Table of Contents
Advertisement
v Indicates that the columbia candidate alias does not reference the encrypted
v Indicates that the towson candidate alias does reference the encrypted password
valcred
Enters Validation Credentials mode.
Syntax
valcred name
no valcred name
Parameters
name
Guidelines
A Crypto Profile optionally uses a Validation Credentials to validate certificates
received from remote SSL peers.
v A Validation Credentials is required by an SSL client only when it validates the
v A Validation Credentials is required by an SSL server only when it validates
If you want the SSL service to validate received certificates:
v Use the valcred and certificate (Validation Credentials) commands to create a
v Assign the Validation Credentials to the Crypto Profile.
Assignment of a Validation Credentials to a Crypto Profile mandates that SSL
validate the certificate presented by the remote peer. If the peer fails to present a
certificate upon request, or presents a certificate that cannot be validated, the
Crypto Profile requires the termination of the SSL connection.
The no valcred command deletes only the named Validation Credentials. The
certificate aliases that appeared in the list remain available for use, as do as the
files that contain the actual certificates.
240
Command Reference
password that protects the K2.der key file.
# test password-map columbia
key K2.der
Alias 'columbia' with file 'K2.der' --> FAIL
#
that protects the K2.der key file.
# test password-map towson
key K2.der
Alias 'towson' with file 'K2.der' --> OK
#
Specifies the name of the Validation Credentials.
The name can contain a maximum of 32 characters. For restrictions, refer to
"Object name conventions" on page xxiv.
certificate presented by an SSL server. Validation of a server's certificate is not
required by the SSL standard.
certificates presented by SSL clients. Validation of SSL clients is not required by
the SSL standard.
Validation Credentials.
Advertisement
Table of Contents
