Manual
+7(495) 797-3311 www.qtech.ru
Москва, Новозаводская ул., 18, стр. 1
361
will be forwarded to the other program in sequence, lose packet and re-forwarding will not
appear. A lot of transmission protocols can provide such kind of service in theory, but in actual
application, SSL is almost running on TCP, and not running on UDP and IP directly.
When web function is running on the switch and client visit our web site through the internet
browser, we can use SSL function. The communication between client and switch through SSL
connect can improve the security.
Firstly, SSL should be enabled on the switch. When the client tries to access the switch
through https method, a SSL session will be set up between the switch and the client. When
the SSL session has been set up, all the data transmission in the application layer will be
encrypted.
SSL handshake is done when the SSL session is being set up. The switch should be able to
provide certification keys. Currently the keys provided by the switch are not the formal
certification keys issued by official authentic, but the private certification keys generated by
SSL software under Linux which may not be recognized by the web browser. With regard to
the switch application, it is not necessary to apply for a formal SSL certification key. A private
certification key is enough to make the communication safe between the users and the switch.
Currently it is not required that the client is able to check the validation of the certification key.
The encryption key and the encryption method should be negotiated during the handshake
period of the session which will be then used for data encryption.
SSL session handshake process:
46.2 SSL Configuration Task List
1. Enable/disable SSL function