Ssl Version Disable; Version - HPE FlexNetwork 10500 Series Security Command Reference

ssl version disable

Use ssl version disable to disable the SSL server from using specific SSL protocol versions for
session negotiation.
Use undo ssl version disable restore the default.
Syntax
In non-FIPS mode:
ssl version { ssl3.0 | tls1.0 | tls1.1 } * disable
undo ssl version { ssl3.0 | tls1.0 | tls1.1 } * disable
In FIPS mode:
ssl version { tls1.0 | tls1.1 } * disable
undo ssl version { tls1.0 | tls1.1 } * disable
Default
In non-FIPS mode, the SSL server supports SSL 3.0, TLS 1.0, TLS 1.1, and TLS 1.2.
In FIPS mode, the SSL server supports TLS 1.0, TLS 1.1, and TLS 1.2.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
ssl3.0: Specifies SSL 3.0.
tls1.0: Specifies TLS 1.0.
tls1.1: Specifies TLS 1.1.
Usage guidelines
To enhance system security, you can disable the SSL server from using specific SSL protocol
versions (SSL 3.0, TLS 1.0, and TLS 1.1) for session negotiation.
Disabling an SSL protocol version does not affect the availability of earlier SSL protocol versions. For
example, if you execute the ssl version tls1.1 disable command, TLS 1.1 is disabled but TLS 1.0 is
still available for the SSL server.
Examples
# Disable SSL 3.0 for the SSL server.
<Sysname> system-view
[Sysname] ssl version ssl3.0 disable

version

Use version to specify an SSL protocol version for an SSL client policy.
Use undo version to restore the default.
Syntax
In non-FIPS mode:
658