HP VPN Firewall Appliances Network Management Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

1111

1094

Parameters

policy-name: SSL server policy name, a case-insensitive string of 1 to 16 characters.

all: Displays information about all SSL server policies.

|: Filters command output by specifying a regular expression. For more information about regular

expressions, see Getting Started Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Examples

# Display information about SSL server policy policy1.

<Sysname> display ssl server-policy policy1

SSL Server Policy: policy1

PKI Domain: domain1

Ciphersuite:

RSA_RC4_128_MD5

RSA_RC4_128_SHA

RSA_DES_CBC_SHA

RSA_3DES_EDE_CBC_SHA

RSA_AES_128_CBC_SHA

RSA_AES_256_CBC_SHA

Handshake Timeout: 3600

Close-mode: wait disabled

Session Timeout: 3600

Session Cachesize: 500

Client-verify: disabled

Client-verify weaken: disabled

Table 246 Command output

Field Descri

tion

SSL Server Policy SSL server policy name.

PKI Domain

PKI domain used by the SSL server policy.

If no PKI domain is specified for the SSL server policy, this field is blank, and the

SSL server generates and signs a certificate for itself and does not obtain a

certificate from a CA server.

Ciphersuite Cipher suites supported by the SSL server policy.

Handshake Timeout Handshake timeout time of the SSL server policy, in seconds.

Close-mode

Close mode of the SSL server policy:

• wait disabled—In this mode, the server sends a close-notify alert message to

the client and then closes the connection immediately without waiting for the

close-notify alert message of the client.

• wait enabled—In this mode, the server sends a close-notify alert message to

the client and then waits for the close-notify alert message of the client. Only

after receiving the expected message, does the server close the connection.