F3215-HP Load Balancing Module Security Command Reference-6PW101
182
Use undo pki-domain to restore the default.
Syntax
pki-domain domain-name
undo pki-domain
Default
No PKI domain is configured for an SSL server policy or SSL client policy.
Views
SSL server policy view, SSL client policy view
Default command level
2: System level
Parameters
domain-name: Name of a PKI domain, a case-insensitive string of 1 to 15 characters.
Usage guidelines
If you do not specify a PKI domain for an SSL server policy, the SSL server generates and signs a
certificate for itself rather than obtaining one from a CA server.
Examples
# Configure SSL server policy policy1 to use PKI domain server-domain.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] pki-domain server-domain
# Configure SSL client policy policy1 to use PKI domain client-domain.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] pki-domain client-domain
Related commands
• display ssl server-policy
• display ssl client-policy
prefer-cipher
Use prefer-cipher to specify the preferred cipher suite for an SSL client policy.
Use undo prefer-cipher to restore the default.
Syntax
prefer-cipher { rsa_aes_128_cbc_sha | rsa_des_cbc_sha | rsa_rc4_128_md5 | rsa_rc4_128_sha }
undo prefer-cipher
Default
The preferred cipher suite for an SSL client policy is rsa_rc4_128_md5.
Views
SSL client policy view