HP Traffic Director Server Appliances sa7200/sa7220 and 8200/sa8220 - User Guide
A P P E N D I X B Revoking a Certificate
265
12.Combine the clientkey1.pem and cert.pem files into one file by
typing this command:
cat clientkey1.pem cert.pem > all.pem
13.Convert to p12 format by typing this command:
openssl pkcs12 -export -in all.pem
-out <file>.p12 -name “MY NAME”
Revoking a Certificate
1. To revoke a certificate, type this command:
openssl ca -revoke clientcertificate.pem
2. Generate a new CRL to incorporate the revoked certificate by
typing this command:
openssl ca -gencrl -out crl.pem
Using Ciphers with the SA8220
The SA8220 only supports RSA key exchange and authentication.
Diffie-Hellman (including Anonymous and Ephemeral) key
exchange/authentication and DSS authentication are not supported.
Use the
set cipher command to specify the cipher. The command
prompts you for the cipher strength, as shown below.
The default cipher value is all supported ciphers (both SSLv2 and
SSLv3).
Element Description
All All supported ciphers
High All ciphers using Triple-DES
Medium All ciphers with 128 bit encryption
Low All low strength ciphers (no export, single DES)
Export All export ciphers