Pki-Domain - H3C MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
Session cache size: 600
Caching timeout: 3600 seconds
Client-verify: Enabled
Table 105 Command output
Field
Caching timeout
Client-verify
pki-domain
Use pki-domain to specify a PKI domain for an SSL client policy or an SSL server policy.
Use undo pki-domain to restore the default.
Syntax
pki-domain domain-name
undo pki-domain
Default
No PKI domain is specified for an SSL client policy or an SSL server policy.
Views
SSL client policy view
SSL server policy view
Predefined user roles
network-admin
Parameters
domain-name: Specifies a PKI domain by its name, a case-insensitive string of 1 to 31 characters.
Usage guidelines
If you specify a PKI domain for an SSL client policy, the SSL client that uses the SSL client policy will
obtain its digital certificate through the specified PKI domain.
If you specify a PKI domain for an SSL server policy, the SSL server that uses the SSL server policy
will obtain its digital certificate through the specified PKI domain.
Examples
# Specify PKI domain client-domain for the SSL client policy policy1.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] pki-domain client-domain
# Specify PKI domain server-domain for the SSL server policy policy1.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] pki-domain server-domain
Description
Session cache timeout time in seconds.
SSL client authentication mode, including:
•
Disabled—SSL client authentication is disabled.
•
Enabled—SSL client authentication is mandatory.
•
Optional—SSL client authentication is optional.
727
Advertisement
Table of Contents
