Specifying a certificate file, Advanced ssl profile configuration, Configuring client authentication – Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual
Page 139
Brocade Virtual ADX Security Guide
127
53-1003250-01
Advanced SSL profile configuration
6
To configure this feature, use commands such as the following:
Virtual ADX(config)#ssl profile sp1
Virtual ADX(config-ssl-profile-sp1)#cipher-suite rsa-with-aes-128-sha
Virtual ADX(config-ssl-profile-sp1)#cipher-suite rsa-with-rc4-128-md5
Virtual ADX(config-ssl-profile-sp1)#cipher-suite rsa-with-rc4-128-sha
Specifying a certificate file
Each SSL profile must be associated with a certificate file that was either imported or self
generated as described in
on page 100. The following example uses the
certificate-file command to associate the certificate file named "certfile1" with the "profile1" SSL
profile.
Virtual ADX(config)#ssl profile profile1
Virtual ADX(config-ssl-profile-profile1)#certificate-file certfile1
Syntax: certificate-file certificate-file-name
The certificate-file-name variable is an ASCII string that specifies a certificate file that either self
generated on the Brocade Virtual ADX using the ssl gencert command or imported into the Brocade
Virtual ADX as described in
Advanced SSL profile configuration
This section describes the following advanced SSL configuration options:
•
Client authentication
•
Enabling Session caching
•
Enabling SSLv2
•
Enabling close notify
•
Disabling Certificate verification
All SSL configuration parameters are configured in the configuration level under the specific SSL
profile. An SSL profile is created using the ssl profile command at the General configuration level
as shown in
“Basic SSL profile configuration”
.
Configuring client authentication
The following features can be configured for certificate management:
•
Enabling certificate verification
•
Configuring a CA certificate file
•
Creating a certificate revocation list
•
Allowing self-signed certificates