1212
C
95: SSL C
HAPTER
ONFIGURATION
3 If the server certificate cannot be trusted, install on the SSL client the root
certificate of the CA that issues the local certificate to the SSL server, or let the
server requests a certificate from the CA that the SSL client trusts.
4 If the SSL server is configured to authenticate the client, but the certificate of the
SSL client does not exist or cannot be trusted, request and install a certificate for
the client.
5 You can use the display ssl server-policy command to view the cipher suite used
by the SSL server policy. If the cipher suite used by the SSL server does not match
that used by the client, use the ciphersuite command to modify the cipher suite
of the SSL server.