HP VPN Firewall Appliances Network Management Command Reference
1090
rsa_rc4_128_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of 128-bit
RC4, and the MAC algorithm of SHA.
The following matrix shows support for the rsa_3des_ede_cbc_sha and rsa_aes_256_cbc_sha keywords
on different firewalls and firewall modules:
Hardware Ke
y
words com
p
atible
F1000-A-EI/F1000-S-EI Yes
F1000-E Yes
F5000 No
F5000-S/F5000-C Yes
VPN firewall modules Yes
20-Gbps VPN firewall modules Yes
Usage guidelines
With no keyword specified, the command configures an SSL server policy that supports all cipher suites.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Configure SSL server policy policy1 to support cipher suites rsa_rc4_128_md5 and rsa_rc4_128_sha.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] ciphersuite rsa_rc4_128_md5 rsa_rc4_128_sha
Related commands
display ssl server-policy
client-verify enable
Use client-verify enable to configure the SSL server to require the client to pass certificate-based
authentication.
Use undo client-verify enable to restore the default.
Syntax
client-verify enable
undo client-verify enable
Default
The SSL server does not require certificate-based SSL client authentication.
Views
SSL server policy view
Default command level
2: System level