Revoking a certificate, Using ciphers with the sa8220 – HP Traffic Director sa7220 User Manual

Page 277

A P P E N D I X B

Revoking a Certificate

265

12. Combine the clientkey1.pem and cert.pem files into one file by

typing this command:

cat clientkey1.pem cert.pem > all.pem

13. Convert to p12 format by typing this command:

openssl pkcs12 -export -in all.pem

-out .p12 -name “MY NAME”

Revoking a Certificate

1. To revoke a certificate, type this command:

openssl ca -revoke clientcertificate.pem

2. Generate a new CRL to incorporate the revoked certificate by

typing this command:

openssl ca -gencrl -out crl.pem

Using Ciphers with the SA8220

The SA8220 only supports RSA key exchange and authentication.
Diffie-Hellman (including Anonymous and Ephemeral) key
exchange/authentication and DSS authentication are not supported.

Use the

set cipher

command to specify the cipher. The command

prompts you for the cipher strength, as shown below.

The default cipher value is all supported ciphers (both SSLv2 and
SSLv3).

Element

Description

All

All supported ciphers

High

All ciphers using Triple-DES

Medium

All ciphers with 128 bit encryption

Low

All low strength ciphers (no export, single DES)

Export

All export ciphers

This manual is related to the following products:

Traffic Director sa7200 e-Commerce Traffic Director sa8200 e-Commerce Traffic Director sa8220