Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
1111111211131114111511161117111811191120
Table Of Contents
1092
Hardware Ke
y
words com
p
atible
F1000-A-EI/F1000-S-EI Yes
F1000-E Yes
F5000 No
Firewall module Yes
U200-A Yes
U200-S No
Usage guidelines
With no keyword specified, the command configures an SSL server policy to support all cipher suites.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Configure SSL server policy policy1 to support cipher suites rsa_rc4_128_md5 and rsa_rc4_128_sha.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] ciphersuite rsa_rc4_128_md5 rsa_rc4_128_sha
Related commands
display ssl server-policy
client-verify enable
Use client-verify enable to configure the SSL server to require the client to pass certificate-based
authentication.
Use undo client-verify enable to restore the default.
Syntax
client-verify enable
undo client-verify enable
Default
The SSL server does not require certificate-based SSL client authentication.
Views
SSL server policy view
Default command level
2: System level
Usage guidelines
If you configure the client-verify enable command and enable the SSL client weak authentication function,
whether the client must be authenticated is up to the client. If the client chooses to be authenticated, the
client must pass authentication before accessing the SSL server; otherwise, the client can access the SSL
server without authentication.
If you configure the client-verify enable command but disable the SSL client weak authentication function,
the SSL client must pass authentication before accessing the SSL server.