Displaying And Maintaining Ssl - HPE FlexNetwork MSR Series Configuration Manual
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 7 layer 3 - ip services configuration manuals (554 pages) ,
- Comware 5 security configuration manual (547 pages)
Table of Contents
Advertisement
Step
955. Specify the preferred cipher
suite for the SSL client policy.
956. Specify
version for the SSL client
policy.
957. Enable the SSL client to
authenticate servers through
digital certificates.
Displaying and maintaining SSL
Execute display commands in any view.
Task
Display SSL server policy information.
Display SSL client policy information.
SSL server policy configuration example
Network requirements
As shown in
To protect the device and prevent data from being eavesdropped or tampered with, configure the
device to be accessible through HTTPS only.
In this example, the CA server runs Windows Server and has the SCEP plug-in installed.
the
SSL
protocol
Figure
170, users need to access and manage the device through the Web page.
Command
•
In
non-FIPS
prefer-cipher
{ dhe_rsa_aes_128_cbc_s
ha
dhe_rsa_aes_256_cbc_sh
a | exp_rsa_des_cbc_sha
|
exp_rsa_rc2_md5
exp_rsa_rc4_md5
rsa_3des_ede_cbc_sha |
rsa_aes_128_cbc_sha
rsa_aes_256_cbc_sha
rsa_des_cbc_sha
rsa_rc4_128_md5
rsa_rc4_128_sha }
•
In
FIPS
prefer-cipher
{ rsa_aes_128_cbc_sha |
rsa_aes_256_cbc_sha }
•
In
non-FIPS
version { ssl3.0 | tls1.0 }
•
In
FIPS
version tls1.0
server-verify enable
Command
display ssl server-policy [ policy-name ]
display ssl client-policy [ policy-name ]
511
Remarks
mode:
|
•
In
non-FIPS
|
The
default
|
cipher
rsa_rc4_128_md5.
|
•
In
FIPS
|
The
default
|
cipher
|
sa_aes_128_cbc_sha.
mode:
mode:
By default, an SSL client policy
uses TLS 1.0.
mode:
By
default,
authentication is enabled.
mode:
preferred
suite
is
mode:
preferred
suite
is
SSL
server
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?