R0106-HP MSR Router Series Security Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

441

442

443

444

445

446

447

448

449

450

429

[Sysname] ssl client-policy policy1

[Sysname-ssl-client-policy-policy1] prefer-cipher rsa_aes_128_cbc_sha

Related commands

• ciphersuite

• display ssl client-policy

server-verify enable

Use server-verify enable to enable the SSL client to use digital certificates to authenticate SSL servers.

Use undo server-verify enable to disable authentication. That is, the client does not authenticate any

server.

Syntax

server-verify enable

undo server-verify enable

Default

The SSL client uses digital certificates to authenticate SSL servers.

Views

SSL client policy view

Predefined user roles

network-admin

Usage guidelines

The SSL client and server use digital certificates to authenticate each other. For more information about

digital certificates, see Security Configuration Guide.

If you execute the server-verify enable command, an SSL server must send its own digital certificate to the

SSL client for authentication. The client can access the SSL server only after the server passes the

authentication.

Examples

# Enable the SSL client to use digital certificates to authenticate SSL servers.

<Sysname> system-view

[Sysname] ssl client-policy policy1

[Sysname-ssl-client-policy-policy1] server-verify enable

Related commands

display ssl client-policy

ssl client-policy

Use ssl client-policy to create an SSL client policy and enter SSL client policy view.

Use undo ssl client-policy to delete an SSL client policy.

Syntax

ssl client-policy policy-name

undo ssl client-policy policy-name