Set Https - Cisco Firepower 4100 Command Reference Manual
Fully integrated next-generation firewall
Hide thumbs
Also See for Firepower 4100:
- Hardware installation manual (82 pages) ,
- Manual (42 pages) ,
- Maintenance and upgrade manual (20 pages)
Table of Contents
Advertisement
set https
set https
To specify HTTPS service parameters, use the set https command.
set https {auth-type {cert-auth|cred-auth}|cipher-suite cipher_string|cipher-suite-mode
{custom|high-strength|low-strength|medium-strength}|crl-mode {relaxed|strict}|keyring
keyring_name|port port_number}
Syntax Description
auth-type
{cert-auth|cred-auth}
cipher-suite cipher_string
cipher-suite-mode
{custom| high-strength|
low-strength
Cisco Firepower 4100/9300 FXOS Command Reference
192
(Optional) Specifies the type of authentication to use for HTTPS access:
• cert-auth—Sets your system to use a client certificate in conjunction
with LDAP to authenticate users for HTTPS access.
• cred-auth—Sets the system to use credential-based user authentication
for HTTPS access.
(Optional) Specifies the definition string for the cipher suite to be used with
the custom cipher-suite-mode.
The specification string can contain up to 256 characters and must conform to
the OpenSSL Cipher Suite specifications. You cannot use any spaces or special
characters, except ! (exclamation point), + (plus sign), - (hyphen), and : (colon).
See
http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslciphersuite
additional information.
This string is ignored if cipher-suite-mode is set to anything other
Note
than custom.
(Optional) Sets the level of Cipher Suite security used:
• custom—Lets you define a custom Cipher Suite security specification
string using the cipher-suite option.
• high-strength—ALL:!EDH-RSA-DES-CBC3-SHA:
!EDH-DSS-DES-CBC3-SHA: !DES-CBC3-SHA:!ADH:!3DES:
!EXPORT40:!EXPORT56:!LOW:!MEDIUM:!eNULL:!RC4:!MD5:
!IDEA:+HIGH:+EXP
• low-strength—ALL:!EDH-RSA-DES-CBC3-SHA:
!EDH-DSS-DES-CBC3-SHA: !DES-CBC3-SHA:!ADH:!3DES:
!EXPORT40:!EXPORT56:RC4+RSA:
!IDEA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
• medium-strength—ALL:!EDH-RSA-DES-CBC3-SHA:
!EDH-DSS-DES-CBC3-SHA:
!DES-CBC3-SHA:!ADH:!3DES:!EXPORT40:!EXPORT56:
!LOW:!RC4:!MD5:!IDEA:+HIGH:+MEDIUM:+EXP:+eNULL
Generally, cipher strength is roughly based on the bits of security (or symmetric
key size), with ‟low" meaning less than 128 bits of security, ‟medium" meaning
equal to 128 bits, and ‟high" meaning greater than 128 bits of security.
S Commands
for
- Quick Links:
- Cli Overview
Hide quick links:
Advertisement
Table of Contents
