Client-Verify Enable; Display Ssl Server-Policy - HP MSR Series Command Reference Manual
Hide thumbs
Also See for MSR Series:
- Configuration manual (889 pages) ,
- Command reference manual (625 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
client-verify enable
Use client-verify enable to enable the SSL server to use digital certificates to authenticate clients.
Use undo client-verify enable to restore the default.
Syntax
client-verify enable
undo client-verify enable
Default
The SSL server does not authenticate SSL clients.
Views
SSL server policy view
Predefined user roles
network-admin
Usage guidelines
The SSL client and server use digital certificates to authenticate each other. For more information about
digital certificates, see Security Configuration Guide.
If you execute the client-verify enable command, an SSL client must send its own digital certificate to the
SSL server for authentication. The client can access the SSL server only after it passes the authentication.
When authenticating a client by using the digital certificate, the SSL server performs the following
operations:
Verifies the certificate chain presented by the client.
•
Checks that the certificates in the certificate chain (except the root CA certificate) are not revoked.
•
Examples
# Enable the SSL server to use digital certificates to authenticate SSL clients.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] client-verify enable
Related commands
display ssl server-policy
display ssl server-policy
Use display ssl server-policy to display SSL server policy information.
Syntax
display ssl server-policy [ policy-name ]
Views
Any view
Predefined user roles
network-admin
423
Advertisement
Table of Contents
