Nortel Secure Network Access Switch 4050 User Manual page 177

2
Enter the server information in the applicable fields.
server SSL Settings fields.
Table 25
Server SSL Settings fields
Field
Certificate
Status
Protocol
Ciphers
Verify
Cache Size
Timeout
Chapter 4 Configuring the domain 177
Description
Specifies which server certificate the portal server will use.
You cannot specify more than one server certificate for the
server to use at any one time.
Specifies whether SSL is enabled on the portal server. The
default is enabled.
Specifies the protocol to use when establishing an SSL
session with a client. The options are:
• ssl2 — accept SSL 2.0 only
• ssl3 — accept SSL 3.0 and TLS 1.0
• ssl23 — accept SSL 2.0, SSL 3.0, and TLS 1.0
• tls1 — accept TLS 1.0 only
Specifies the cipher preference list.
Allows expressions that consists of cipher strings
separated by colons. The default cipher list is
ALL@STRENGTH.
For more information about cipher lists, see
"Supported ciphers," on page
Specifies the level of client authentication to use when
establishing an SSL session. The options are:
• none — no client certificate is required
• optional — a client certificate is requested, but the
client need not present one
• require — a client certificate is required
Not supported in Nortel Secure Network Access Switch
Software Release 1.0.
Specifies the size of the SSL cache.
Allows an integer less than or equal to 10000 indicating the
number of cached sessions. The default is 4000.
If there are many cache misses, increase the Cache Size
value for better performance.
Specifies the maximum time to live (TTL) value for items in
the SSL cache. After the TTL has expired, the items are
discarded.
Allows an integer that indicates the TTL value in seconds
( ), minutes ( ), or hours (
s m
measurement unit, seconds is assumed. The default is 5m
(5 minutes).
Nortel Secure Network Access Switch 4050 User Guide
Table 25 describes the
Appendix D,
881.
). If you do not specify a
h