Enabling Session Caching; Configuring Session Cache Size - Brocade Communications Systems ServerIron ADX 12.4.00a Security Manual

Version 12.4.00a
6 Advanced SSL profile configuration
NOTE
All intermediate CA certificates need to be uploaded to the ServerIronADX.
Configuring certificate chain depth
You can configure the certificate chain depth up to which the ServerIron ADX verifies a
certificate chain. The default value is 4, and it can be configured up to 10, as shown in the
following example.
ServerIronADX(config)# ssl profile profile1
ServerIronADX(config-ssl-profile-ssl-profile1)# verify-cert-depth 10
Syntax: [no] verify-cert-depth <chain-depth>
The <chain-depth> variable specifies the maximum certificate chain depth that is verified. The
accepted values are 4 through 10. The default value is 4.

Enabling session caching

Session caching, or session reuse, is a mode of operation in SSL in which multiple SSL connections
share the same SSL session. A complete SSL handshake is performed only for the first connection.
All subsequent connections reuse the parameters negotiated in the first connection, for as long as
the SSL session remains cached.
By default, session caching is turned off on the ServerIron ADX.
The following example enables session caching for the SSL client in the SSL profile "profile1".
ServerIronADX(config)# ssl profile profile1
ServerIronADX(config-ssl-profile-profile1)# session-cache on
Syntax: [no] session-cache { on | off }
The on parameter enables session caching for the SSL client.
The off parameter disables session caching. This is the default state.
NOTE
SSL session caching does not work together with the server source-port-hash command, because
that command distributes traffic from the same client IP address with different TCP source ports
to different BPs, so a later connection from the same client can land on a BP that does not hold
the cached session.

Configuring session cache size

You can specify the maximum number of session-cache entries per profile, as shown in the
following example:
ServerIronADX(config-ssl-profile-ssl1)# session-cache max-entries 512
Syntax: [no] session-cache max-entries <num-max-entries>
The <num-max-entries> variable accepts values from 512 through 8192. The default value is 1024.
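The following Python model is an added example, not ServerIron ADX code, illustrating two sizing and
placement effects described in the "Enabling session caching" and "Configuring session cache size"
sections: a per-BP session cache bounded by max-entries (512 through 8192, default 1024) evicts old
entries once the concurrent client working set exceeds it, and a BP-selection policy that hashes on the
TCP source port sends a returning client to a BP that may not hold its session. The number of BPs, the
SHA-256 based BP selection, the LRU eviction order and the sample client addresses are all assumptions
made for the model; the real platform's internal eviction and distribution logic is not documented on
this page.

```python
"""Constructed model of per-BP SSL session caches; not ServerIron ADX code."""
from collections import OrderedDict
import hashlib


class SessionCache:
    """Bounded cache keyed by session ID; evicts the least recently used entry when full.

    The 512..8192 bound mirrors the documented range of 'session-cache max-entries';
    LRU eviction is an assumption of this model.
    """

    def __init__(self, max_entries=1024):
        if not 512 <= max_entries <= 8192:
            raise ValueError("max-entries must be between 512 and 8192")
        self.max_entries = max_entries
        self._entries = OrderedDict()

    def lookup(self, session_id):
        """Return True (and refresh recency) if the session is still cached."""
        if session_id in self._entries:
            self._entries.move_to_end(session_id)
            return True
        return False

    def store(self, session_id, params):
        """Insert a freshly negotiated session, evicting the oldest entry on overflow."""
        self._entries[session_id] = params
        self._entries.move_to_end(session_id)
        if len(self._entries) > self.max_entries:
            self._entries.popitem(last=False)


def select_bp(client_ip, src_port, num_bps, source_port_hash):
    """Pick the BP for a connection.

    With source_port_hash=False the key is the client IP only, so every connection from
    one client reaches the same BP; with source_port_hash=True the TCP source port is
    part of the key, modelling the effect of 'server source-port-hash'.
    """
    key = f"{client_ip}:{src_port}" if source_port_hash else client_ip
    digest = hashlib.sha256(key.encode()).digest()
    return int.from_bytes(digest[:4], "big") % num_bps


def simulate(connections, num_bps=4, max_entries=1024, source_port_hash=False):
    """Replay (client_ip, src_port) connections; return (full_handshakes, resumed)."""
    caches = [SessionCache(max_entries) for _ in range(num_bps)]
    client_session = {}  # client_ip -> session ID issued at its last full handshake
    full = resumed = 0
    for client_ip, src_port in connections:
        bp = select_bp(client_ip, src_port, num_bps, source_port_hash)
        sid = client_session.get(client_ip)
        if sid is not None and caches[bp].lookup(sid):
            resumed += 1  # abbreviated handshake: parameters taken from the cache
        else:
            full += 1  # complete handshake; a new session ID is issued and cached on this BP
            sid = hashlib.sha256(f"{client_ip}:{full}".encode()).hexdigest()[:16]
            client_session[client_ip] = sid
            caches[bp].store(sid, {"cipher": "constructed", "master_secret": "constructed"})
    return full, resumed


if __name__ == "__main__":
    # Constructed traffic: one client reconnecting from three different source ports.
    same_client = [("10.0.0.5", port) for port in range(40000, 40003)]
    print("ip hash:", simulate(same_client, num_bps=4))
    print("source-port hash:", simulate(same_client, num_bps=4, source_port_hash=True))
    # Constructed traffic: 600 clients connect once each, then all return; cache of 512.
    clients = [f"10.1.{c // 256}.{c % 256}" for c in range(600)]
    two_rounds = [(ip, 50000) for _ in range(2) for ip in clients]
    print("working set > max-entries:", simulate(two_rounds, num_bps=1, max_entries=512))
```

In the two-round case every returning client misses, because each miss evicts the entry the next
client would have needed, so a max-entries value that is smaller than the number of clients expected
to return within the cache lifetime degrades to one full handshake per connection. On a live VIP,
openssl s_client -connect <vip>:443 -reconnect reports for each reconnection whether the session was
"Reused" or "New", which is a quick way to confirm that session-cache on is taking effect.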
170
ServerIron ADX Security Guide
53-1002440-03