R3102-R3103-HP 6600/HSR6600 Routers Security Command Reference
390
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] client-verify enable
Related commands
• client-verify weaken
• display ssl server-policy
client-verify weaken
Use client-verify weaken to enable SSL client weak authentication.
Use undo client-verify weaken to restore the default.
Syntax
client-verify weaken
undo client-verify weaken
Default
SSL client weak authentication is disabled.
Views
SSL server policy view
Default command level
2: System level
Usage guidelines
The client-verify weaken command takes effect only when the SSL server requires certificate-based client
authentication.
If the SSL server requires certificate-based client authentication and the SSL client weak authentication
function is enabled, whether the client must be authenticated is up to the client. If the client chooses to be
authenticated, the client must pass authentication before accessing the SSL server; otherwise, the client
can access the SSL server without authentication.
If the SSL server requires certificate-based client authentication and SSL client weak authentication is
disabled, the SSL client must pass authentication before accessing the SSL server.
Examples
# Enable SSL client weak authentication.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] client-verify enable
[Sysname-ssl-server-policy-policy1] client-verify weaken
Related commands
• client-verify enable
• display ssl server-policy