®
xStack
DGS-3120 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide
Chapter 71 Secure Sockets Layer (SSL)
download ssl certificate <ipaddr> certfilename <path_filename 64> keyfilename <path_filename
64>
enable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA |
DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}}
disable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA |
DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}}
delete ssl certificate <path_filename 64>
show ssl {certificate {[chain | <path_filename 64>]}}
show ssl cachetimeout
config ssl cachetimeout <value 60-86400>
config ssl certificate chain [default | <cert_list>]
71-1
download ssl certificate
Description
This command is used to download the certificate to the device according to the certificate level.
The user can download the specified certificate to the device which must, according to desired key
exchange algorithm. For RSA key exchange, the user must download RSA type certificate and for
DHS_DSS is using the DSA certificate for key exchange.
Format
download ssl certificate <ipaddr> certfilename <path_filename 64> {keyfilename
<path_filename 64>}
Parameters
<ipaddr> - Enter the TFTP server IP address used for this configuration here.
certfilename - Specify the desired certificate file name.
<path_filename 64> - Certificate file path respect to tftp server root path, and input characters
max to 64 octets.
keyfilename – (Optional) Specify the private key file name which accompany with the certificate.
<path_filename 64> - Private key file path respect to tftp server root path, and input
characters max to 64 octets.
Restrictions
Only Administrator-level users can issue this command.
Example
To download certificate from TFTP server:
Command List
641