Ssl Server Policy Configuration Example - H3C S5500-EI series Operation Manual
Hide thumbs
Also See for S5500-EI series:
- Configuration manual (490 pages) ,
- Security configuration manual (448 pages) ,
- Operation manual (216 pages)
Table of Contents
Advertisement
Operation Manual – SSL-HTTPS
H3C S5500-EI Series Ethernet Switches
Specify the cipher
suite(s) for the SSL
server policy to support
Set the handshake
timeout time for the
SSL server
Configure the SSL
connection close mode
Set the maximum
number of cached
sessions and the
caching timeout time
Enable
certificate-based SSL
client authentication
Note:
If you enable client authentication here, you must request a local certificate for the
client.
1.3.3 SSL Server Policy Configuration Example
I. Network requirements
A switch works as the HTTPS server.
A host works as the client and accesses the HTTPS server through HTTP secured
with SSL.
A certificate authentication (CA) issues a certificate to the switch.
Caution:
In this instance, Windows Server works as the CA and the Simple Certificate
Enrollment Protocol (SCEP) plug-in is installed on the CA.
To do...
Use the command...
ciphersuite
[ rsa_aes_128_cbc_sha |
rsa_des_cbc_sha |
rsa_rc4_128_md5 |
rsa_rc4_128_sha ] *
handshake timeout time
close-mode wait
session { cachesize size
| timeout time } *
client-verify enable
Optional
By default, an SSL server
policy supports all cipher
suites.
Optional
3,600 seconds by default
Optional
Not wait by default
Optional
The defaults are as follows:
500 for the maximum
number of cached sessions,
3600 seconds for the
caching timeout time.
Optional
Not enabled by default
1-3
Chapter 1 SSL Configuration
Remarks
Advertisement
Chapters
Table of Contents
Troubleshooting
