HP VPN Firewall Appliances Network Management Command Reference
1097
Views
SSL client policy view
Default command level
2: System level
Parameters
dhe_rsa_aes_128_cbc_sha: Specifies the key exchange algorithm of DH_RSA, the data encryption
algorithm of 128-bit AES_CBC, and the MAC algorithm of SHA.
dhe_rsa_aes_256_cbc_sha: Specifies the key exchange algorithm of DH_RSA, the data encryption
algorithm of 256-bit AES_CBC, and the MAC algorithm of SHA.
rsa_3des_ede_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
3DES_EDE_CBC, and the MAC algorithm of SHA.
rsa_aes_128_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
128-bit AES_CBC, and the MAC algorithm of SHA.
rsa_aes_256_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
256-bit AES_CBC, and the MAC algorithm of SHA.
rsa_des_cbc_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
DES_CBC, and the MAC algorithm of SHA.
rsa_rc4_128_md5: Specifies the key exchange algorithm of RSA, the data encryption algorithm of
128-bit RC4, and the MAC algorithm of MD5.
rsa_rc4_128_sha: Specifies the key exchange algorithm of RSA, the data encryption algorithm of 128-bit
RC4, and the MAC algorithm of SHA.
The following matrix shows support for the rsa_3des_ede_cbc_sha and rsa_aes_256_cbc_sha keywords
on different firewalls and firewall modules:
Hardware Ke
y
words com
p
atible
F1000-A-EI/F1000-S-EI Yes
F1000-E Yes
F5000 No
F5000-S/F5000-C Yes
VPN firewall modules Yes
20-Gbps VPN firewall modules Yes
Examples
# Set the preferred cipher suite for SSL client policy policy1 to rsa_aes_128_cbc_sha.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] prefer-cipher rsa_aes_128_cbc_sha
Related commands
display ssl client-policy