HP e-Commerce / XML director server appliance sa8250 - Users Guide
A P P E N D I X B Revoking a Certificate
293
12.Combine the clientkey1.pem and cert.pem files into one file by
typing this command:
cat clientkey1.pem cert.pem > all.pem
13.Convert to p12 format by typing this command:
openssl pkcs12 -export -in all.pem
-out <file>.p12 -name “MY NAME”
Revoking a Certificate
1. To revoke a certificate, type this command:
openssl ca -revoke clientcertificate.pem
2. To generate a new CRL to incorporate the revoked certificate,
type this command:
openssl ca -gencrl -out crl.pem
Using Ciphers with the SA8250
The SA8250 only supports RSA key exchange and authentication.
Diffie-Hellman (including Anonymous and Ephemeral) key
exchange/authentication and DSS authentication are not supported.
Use the
set cipher command to specify the cipher. The command
prompts you for the cipher strength, as shown in this table.
Element Description
All All supported ciphers
High All ciphers using Triple-DES
Medium All ciphers with 128 bit encryption
Low All low strength ciphers (no export, single DES)
Export All export ciphers
Cipher Strength Listing