Security Guide (Supporting ADX v03.1.00) Instruction Manual

Brocade Virtual ADX Security Guide 127
53-1003250-01
To configure this feature, use commands such as the following:
Virtual ADX(config)#ssl profile sp1
Virtual ADX(config-ssl-profile-sp1)#cipher-suite rsa-with-aes-128-sha
Virtual ADX(config-ssl-profile-sp1)#cipher-suite rsa-with-rc4-128-md5
Virtual ADX(config-ssl-profile-sp1)#cipher-suite rsa-with-rc4-128-sha
Specifying a certificate file
Each SSL profile must be associated with a certificate file that was either imported or
self-generated as described in “Chained certificates” on page 100. The following example uses the
certificate-file command to associate the certificate file named "certfile1" with the "profile1" SSL
profile.
Virtual ADX(config)#ssl profile profile1
Virtual ADX(config-ssl-profile-profile1)#certificate-file certfile1
Syntax: certificate-file certificate-file-name
The certificate-file-name variable is an ASCII string that specifies a certificate file that was either
self-generated on the Brocade Virtual ADX using the ssl gencert command or imported into the
Brocade Virtual ADX as described in “Chained certificates” on page 100.
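The following check is an added example, not part of the Brocade documentation or software. It reads SSL profile commands (the cipher-suite and certificate-file commands shown above) from a configuration text and reports profiles that have no certificate file or that enable RC4 or MD5 cipher suites. The layout of the saved configuration and the names parse_profiles, audit and SAMPLE_CONFIG are assumptions made for the example.

```python
import re

# Constructed sample (not from a device): the page's commands laid out as a
# saved configuration is assumed to list them, plus two pasted session lines.
SAMPLE_CONFIG = """\
ssl profile sp1
 cipher-suite rsa-with-aes-128-sha
 cipher-suite rsa-with-rc4-128-md5
 cipher-suite rsa-with-rc4-128-sha
!
Virtual ADX(config)#ssl profile profile1
Virtual ADX(config-ssl-profile-profile1)#certificate-file certfile1
"""

PROMPT = re.compile(r"^.*\(config[^)]*\)#\s*")  # CLI prompt on pasted session lines
WEAK_TOKENS = ("rc4", "md5")  # RC4 suites are prohibited by RFC 7465; MD5 is deprecated

def parse_profiles(text):
    """Return {profile: {"ciphers": [...], "cert": name or None}}."""
    profiles, current = {}, None
    for raw in text.splitlines():
        words = PROMPT.sub("", raw).split()
        if not words:
            continue
        if words[:2] == ["ssl", "profile"] and len(words) == 3:
            current = profiles.setdefault(words[2], {"ciphers": [], "cert": None})
        elif current is not None and words[0] == "cipher-suite" and len(words) == 2:
            current["ciphers"].append(words[1])
        elif current is not None and words[0] == "certificate-file" and len(words) == 2:
            current["cert"] = words[1]
        elif not raw.startswith((" ", "\t")) and "(config-ssl-profile" not in raw:
            current = None  # an unindented non-profile line ends the block
    return profiles

def audit(text):
    """Return sorted (profile, finding) tuples for one configuration text."""
    findings = []
    for name, p in parse_profiles(text).items():
        if p["cert"] is None:
            findings.append((name, "no certificate-file configured"))
        for suite in p["ciphers"]:
            hits = [t for t in WEAK_TOKENS if t in suite.lower().split("-")]
            if hits:
                findings.append((name, f"weak cipher-suite {suite} ({'+'.join(hits)})"))
    return sorted(findings)

if __name__ == "__main__":
    for profile, finding in audit(SAMPLE_CONFIG):
        print(f"{profile}: {finding}")
```

A profile with no cipher-suite lines is not flagged, because this page does not state which suites apply by default.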
Advanced SSL profile configuration
This section describes the following advanced SSL configuration options:
Client authentication
Enabling Session caching
Enabling SSLv2
Enabling close notify
Disabling Certificate verification
All SSL configuration parameters are set at the configuration level of the specific SSL
profile. An SSL profile is created using the ssl profile command at the General configuration level,
as shown in “Basic SSL profile configuration”.
Configuring client authentication
The following features can be configured for certificate management:
Enabling certificate verification
Configuring a CA certificate file
Creating a certificate revocation list
Allowing self-signed certificates