R3721-F3210-F3171-HP High-End Firewalls Network Management Command Reference-6PW101
994
Examples
# Configure the SSL server to require certificate-based SSL client authentication.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] client-verify enable
client-verify weaken
Syntax
client-verify weaken
undo client-verify weaken
View
SSL server policy view
Default level
2: System level
Parameters
None
Description
Use client-verify weaken to enable SSL client weak authentication.
Use undo client-verify weaken to restore the default.
By default, SSL client weak authentication is disabled.
If the SSL server requires certificate-based client authentication and the SSL client weak authentication
function is enabled, whether the client must be authenticated is up to the client. If the client chooses to be
authenticated, the client must pass authentication before accessing the SSL server; otherwise, the client
can access the SSL server without authentication.
If the SSL server requires certificate-based client authentication and SSL client weak authentication is
disabled, the SSL client must pass authentication before accessing the SSL server.
NOTE:
The client-verify weaken command takes effect only when the SSL server requires certificate-based clien
t
authentication.
Related commands: client-verify enable and display ssl server-policy.
Examples
# Enable SSL client weak authentication.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] client-verify enable
[Sysname-ssl-server-policy-policy1] client-verify weaken