Chapter 1 SSL Configuration; SSL Overview - H3C S5500-EI series Operation Manual

Operation Manual – SSL-HTTPS
H3C S5500-EI Series Ethernet Switches

Chapter 1 SSL Configuration

When configuring SSL, go to these sections for information you are interested in:

SSL Overview
SSL Configuration Task List
Displaying and Maintaining SSL
Troubleshooting SSL

1.1 SSL Overview
Secure Sockets Layer (SSL) is a security protocol that provides secure connection
service for TCP-based application layer protocols, for example, HTTP. It is widely
used in e-business and online banking to provide secure data transmission over the
Internet.
SSL provides these security services:
Confidentiality: SSL encrypts data using a symmetric encryption algorithm and the
key generated during the handshake phase.
Authentication: SSL supports authenticating both the server and the client through
certificates, with the authentication of the client being optional.
Reliability: SSL uses a key-based message authentication code (MAC) to verify
message integrity.
As shown in Figure 1-1, the SSL protocol consists of two layers of protocols: the SSL
record protocol at the lower layer and the SSL handshake protocol, change cipher spec
protocol, and alert protocol at the upper layer.
Figure 1-1 SSL protocol stack
SSL handshake protocol: Responsible for establishing a session between a client
and the server. A session consists of a set of parameters such as the session ID,
peer certificate, cipher suite (including key exchange algorithm, data encryption
algorithm and MAC algorithm), compression algorithm, and master key. An SSL
session can be used to establish multiple connections, reducing session
negotiation cost.
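The two-layer structure described above is visible on the wire: every record begins with a 5-byte header whose first byte names the upper-layer protocol it carries. The following Python code is an added example, not part of the H3C manual; it splits one direction of a byte stream into records and labels each one. The function names and the sample bytes are constructed for illustration.

```python
import struct

# Record-header content types: the three upper-layer protocols plus application data.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
HANDSHAKE_TYPES = {1: "client_hello", 2: "server_hello", 11: "certificate",
                   16: "client_key_exchange", 20: "finished"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
MAX_FRAGMENT = 2 ** 14 + 2048  # upper bound on an encrypted record body


def parse_records(stream: bytes):
    """Split one sender's byte stream into records; return (summaries, leftover)."""
    records, offset, encrypted = [], 0, False
    while len(stream) - offset >= 5:
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, offset)
        if ctype not in CONTENT_TYPES or major != 3 or length > MAX_FRAGMENT:
            raise ValueError(f"not an SSL/TLS record at offset {offset}")
        body = stream[offset + 5:offset + 5 + length]
        if len(body) < length:
            break  # truncated capture: keep the tail for the next read
        info = {"protocol": CONTENT_TYPES[ctype], "version": (major, minor),
                "length": length, "encrypted": encrypted}
        if not encrypted and ctype == 22 and length >= 4:
            # Handshake header: 1-byte message type, 3-byte length.
            info["message"] = HANDSHAKE_TYPES.get(body[0], f"type_{body[0]}")
        elif not encrypted and ctype == 21 and length == 2:
            info["level"] = ALERT_LEVELS.get(body[0], "unknown")
            info["description"] = body[1]
        records.append(info)
        if ctype == 20:
            encrypted = True  # records this sender emits next are protected
        offset += 5 + length
    return records, stream[offset:]


def record(ctype: int, body: bytes, version=(3, 1)) -> bytes:
    """Build one record for the constructed sample below."""
    return struct.pack("!BBBH", ctype, *version, len(body)) + body


# Constructed sample (not a real capture): a client flight with dummy bodies.
SAMPLE = (record(22, b"\x01\x00\x00\x02\x03\x01")   # ClientHello header + 2 bytes
          + record(22, b"\x10\x00\x00\x01\x00")     # ClientKeyExchange header + 1 byte
          + record(20, b"\x01")                     # ChangeCipherSpec
          + record(22, bytes(40))                   # encrypted Finished (opaque)
          + record(23, bytes(32)))                  # encrypted application data

if __name__ == "__main__":
    print(*parse_records(SAMPLE)[0], sep="\n")
```

After the change cipher spec record, the parser stops interpreting handshake and alert bodies, because those bytes are ciphertext and their first byte no longer identifies a message type.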
