Version - HP FlexNetwork MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
Default
SSL 3.0 is enabled on the device.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Use this command to disable SSL 3.0 on a device to enhance system security.
•
An SSL server supports only TLS 1.0 after SSL 3.0 is disabled.
•
An SSL client always uses SSL 3.0 if SSL 3.0 is specified for the client policy, whether you
disable SSL 3.0 or not.
To ensure successful establishment of an SSL connection, do not disable SSL 3.0 on a device when
the peer device only supports SSL 3.0. As a best practice, upgrade the peer device to support TLS
1.0 to improve security.
Examples
# Disable SSL 3.0 on the device.
<Sysname> system-view
[Sysname] ssl version ssl3.0 disable
version
Use version to specify an SSL protocol version for an SSL client policy.
Use undo version to restore the default.
Syntax
In non-FIPS mode:
version { ssl3.0 | tls1.0 }
undo version
In FIPS mode:
version tls1.0
undo version
Default
The SSL protocol version for an SSL client policy is TLS 1.0.
Views
SSL client policy view
Predefined user roles
network-admin
Parameters
ssl3.0: Specifies SSL 3.0.
tls1.0: Specifies TLS 1.0.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
655
Advertisement
