HPE FlexNetwork 10500 Series Security Configuration Manual page 483
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Security command reference (881 pages) ,
- Network management and monitoring command reference (423 pages) ,
- Configuration manual (407 pages)
Table of Contents
Advertisement
Step
6.
Specify the cipher suites that
the SSL server policy supports.
7.
Set the maximum number of
sessions that the SSL server
can cache and the session
cache timeout time.
Command
•
In non-FIPS mode:
ciphersuite
{ dhe_rsa_aes_128_cbc_sha |
dhe_rsa_aes_128_cbc_sha25
6 |
dhe_rsa_aes_256_cbc_sha |
dhe_rsa_aes_256_cbc_sha25
6 |
ecdhe_ecdsa_aes_128_cbc_
sha256 |
ecdhe_ecdsa_aes_128_gcm_
sha256 |
ecdhe_ecdsa_aes_256_cbc_
sha384 |
ecdhe_ecdsa_aes_256_gcm_
sha384 |
ecdhe_rsa_aes_128_cbc_sha
256 |
ecdhe_rsa_aes_128_gcm_sh
a256 |
ecdhe_rsa_aes_256_cbc_sha
384 |
ecdhe_rsa_aes_256_gcm_sh
a384 | exp_rsa_des_cbc_sha
| exp_rsa_rc2_md5 |
exp_rsa_rc4_md5 |
rsa_3des_ede_cbc_sha |
rsa_aes_128_cbc_sha |
rsa_aes_128_cbc_sha256 |
rsa_aes_256_cbc_sha |
rsa_aes_256_cbc_sha256 |
rsa_des_cbc_sha |
rsa_rc4_128_md5 |
rsa_rc4_128_sha } *
•
In FIPS mode:
ciphersuite
{ ecdhe_ecdsa_aes_128_cbc
_sha256 |
ecdhe_ecdsa_aes_256_cbc_
sha384 |
ecdhe_ecdsa_aes_128_gcm_
sha256 |
ecdhe_ecdsa_aes_256_gcm_
sha384 |
ecdhe_rsa_aes_128_cbc_sha
256 |
ecdhe_rsa_aes_128_gcm_sh
a256 |
ecdhe_rsa_aes_256_cbc_sha
384 |
ecdhe_rsa_aes_256_gcm_sh
a384 | rsa_aes_128_cbc_sha |
rsa_aes_128_cbc_sha256 |
rsa_aes_256_cbc_sha |
rsa_aes_256_cbc_sha256 } *
session { cachesize size | timeout
time }
466
Remarks
By default, an SSL server
policy supports all cipher
suites.
By default, the SSL server
can cache a maximum of 500
sessions, and the session
cache timeout time is 3600
seconds.
Advertisement
Table of Contents
Troubleshooting
