Table of Contents
Advertisement
Configuring Secure Socket Layer (SSL)
General Operating Rules and Notes
7-6
General Operating Rules and Notes
■
Once you generate a certificate on the switch you should avoid re-
generating the certificate without a compelling reason. Otherwise,
you will have to re-introduce the switch's certificate on all manage-
ment stations (clients) you previously set up for SSL access to the
switch. In some situations this can temporarily allow security
breaches.
■
The switch's own public/private certificate key pair and certificate
are stored in the switch's flash memory and are not affected by
reboots or the erase startup-config command
The public/private certificate key pair is not be confused with the SSH
■
public/private key pair. The certificate key pair and the SSH key pair
are independent of each other, which means a switch can have two
keys pairs stored in flash
On ProCurve switches that support stacking, when stacking is
■
enabled, SSL provides security only between an SSL client and the
stack manager. Communications between the stack commander and
stack members is not secure.
Hide quick links:
Advertisement
Table of Contents
