Displaying And Maintaining Ssl; Ssl Server Policy Configuration Example - HPE FlexNetwork 7500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
Step
6.
Specify the SSL protocol
version for the SSL client
policy.
7.
Enable the SSL client to
authenticate servers through
digital certificates.
Displaying and maintaining SSL
Execute display commands in any view.
Task
Display cryptographic library version information.
Display SSL server policy information.
Display SSL client policy information.
SSL server policy configuration example
Network requirements
As shown in
To protect the device and prevent data from being eavesdropped or tampered with, configure the
device to be accessible through HTTPS only.
In this example, the CA server runs Windows Server and has the SCEP plug-in installed.
Figure 110 Network diagram
10.1.1.1/24
10.1.1.2/24
Host
Configuration considerations
To meet the network requirements, perform the following tasks:
•
Configure the device as the HTTPS server and request a server certificate for the device. For
more information about HTTPS, see Fundamentals Configuration Guide.
•
Request a client certificate for the host so that the device can authenticate the identity of the
host.
Figure
110, users need to access and manage the device through the Web interface.
Device
10.1.2.1/24
10.1.2.2/24
CA
Command
•
In non-FIPS mode:
version { ssl3.0 | tls1.0 |
tls1.1 | tls1.2 }
•
In FIPS mode:
version { tls1.0 | tls1.1 |
tls1.2 }
server-verify enable
Command
display crypto version
display ssl server-policy [ policy-name ]
display ssl client-policy [ policy-name ]
375
Remarks
By default, an SSL client policy
uses TLS 1.0.
To ensure security, do not
specify SSL 3.0 for an SSL client
policy.
By default, SSL server
authentication is enabled.
Advertisement
Table of Contents
Troubleshooting
