F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

1111

Table Of Contents

1093

Examples

# Configure the SSL server to require certificate-based SSL client authentication.

<Sysname> system-view

[Sysname] ssl server-policy policy1

[Sysname-ssl-server-policy-policy1] client-verify enable

Related commands

• client-verify weaken

• display ssl server-policy

client-verify weaken

Use client-verify weaken to enable SSL client weak authentication.

Use undo client-verify weaken to restore the default.

Syntax

client-verify weaken

undo client-verify weaken

Default

SSL client weak authentication is disabled.

Views

SSL server policy view

Default command level

2: System level

Usage guidelines

The client-verify weaken command takes effect only when the SSL server requires certificate-based client

authentication.

If the SSL server requires certificate-based client authentication and the SSL client weak authentication

function is enabled, whether the client must be authenticated is up to the client. If the client chooses to be

authenticated, the client must pass authentication before accessing the SSL server; otherwise, the client

can access the SSL server without authentication.

If the SSL server requires certificate-based client authentication and SSL client weak authentication is

disabled, the SSL client must pass authentication before accessing the SSL server.

Examples

# Enable SSL client weak authentication.

<Sysname> system-view

[Sysname] ssl server-policy policy1

[Sysname-ssl-server-policy-policy1] client-verify enable

[Sysname-ssl-server-policy-policy1] client-verify weaken

Related commands

• client-verify enable

• display ssl server-policy