beautypg.com

Confi gure > ssl server 4.86 – Westermo MR Series User Manual

Page 254

background image

254

6622-3201

Web Interface and Command Line Reference Guide

www.westermo.com

Confi gure > SSL server

4.86

The Westermo SSL server handles the encryption and authentication for incoming SSL connec-
tions (such as SSL telnet, HTTPS and SSL ASY port connections) using certificates signed by a
Certificate Authority (CA). For more information regarding certificates and certificate requests,
refer to Configure > Certificate requests, Configure > Certificates > SCEP and Configure >
Certificates > Utilities.

Using the Web Page(s)

Server certificate filename:

The filename of the certificate file required for server authentication.

Server private key filename:

The file that contains the private key that matches the public key stored in the certificate
entered in the Server certificate filename parameter.

SSL version:

This will set the version of encryption that SSL will use. The options are: Any = Use which ever
version is requested by the client software. TLSv1 = Allow TLSv1 only SSLv2 = Allow SSLv2 only
SSLv3 = Allow SSLv3 only

Cipher list:

The cipher list consists of one or more cipher strings separated by colons. Commas or spaces
are also acceptable separators but colons are normally used. The actual cipher string can take
several different forms. It can consist of a single cipher suite such as RC4-SHA. It can represent
a list of cipher suites containing a certain algorithm, or cipher suites of a certain type. For exam-
ple SHA1 represents all ciphers suites using the digest algorithm SHA1 and SSLv3 represents
all SSL v3 algorithms. Lists of cipher suites can be combined in a single cipher string using the +
character. This is used as a logical and operation. For example SHA1+DES represents all cipher
suites containing the SHA1 and the DES algorithms. If left empty the cipher list is not used.

For more information see: http://www.openssl.org/docs/apps/ciphers.html

Using Text Commands

To configure the SSL server via the command line use the sslsvr command.

To display current settings for the SSL server enter the following command:

sslsvr ?

where is 0.

To change the value of a parameter use the command in the format:

sslsvr

The parameter options and values are:

Parameter

Values

Equivalent Web parameter

certfile

text

Client certificate filename

cipherlist

test

Cipher List

ver

(blank), TLS, SSL2, SSL3

SSL Version
(Blank) = Any
TLS = TLSv1
SSL2 = SSLv2
SSL3 = SSLv3

keyfile

text

Server private key filename

This manual is related to the following products:
See also other documents in the category Westermo Equipment: