F3215-HP Load Balancing Module Security Command Reference-6PW101
183
Default command level
2: System level
Parameters
rsa_aes_128_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
128-bit AES_CBC, and the MAC algorithm of SHA.
rsa_des_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
DES_CBC, and the MAC algorithm of SHA.
rsa_rc4_128_md5: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
128-bit RC4, and the MAC algorithm of MD5.
rsa_rc4_128_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of 128-bit
RC4, and the MAC algorithm of SHA.
Examples
# Set the preferred cipher suite for SSL client policy policy1 to rsa_aes_128_cbc_sha.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] prefer-cipher rsa_aes_128_cbc_sha
Related commands
display ssl client-policy
server-verify enable
Use server-verify enable to enable certificate-based SSL server authentication so that the SSL client
authenticates the server by the server’s certificate during the SSL handshake process.
Use undo server-verify enable to disable certificate-based SSL server authentication. When
certificate-based SSL server authentication is disabled, it is assumed that the SSL server is valid.
Syntax
server-verify enable
undo server-verify enable
Default
Certificate-based SSL server authentication is enabled.
Views
SSL client policy view
Default command level
2: System level
Examples
# Enable certificate-based SSL server authentication.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] server-verify enable
Related commands
display ssl client-policy