Terminology – HP 4100GL User Manual

Configuring Secure Socket Layer (SSL)

Terminology

HP

Switch

(SSL

Server)

SSL Client

Browser

1. Switch-to-Client SSL Cert.

2. User-to-Switch (login password and

enable password authentication)
options:

– Local
– TACACS+
– RADIUS

Figure 5-1. Switch/User Authentication

SSL on the Series 4100GL switches supports these data encryption methods:

■

3DES (168-bit, 112 Effective)

■

DES (56-bit)

■

RC4 (40-bit, 128-bit)

N o t e :

ProCurve Switches use RSA public key algorithms and Diffie-Hellman, and all
references to a key mean keys generated using these algorithms unless
otherwise noted

Terminology

■

SSL Server:

An HP switch with SSL enabled.

■

Key Pair:

Public/private pair of RSA keys generated by switch, of

which public portion makes up part of server host certificate and
private portion is stored in switch flash (not user accessible).

■

Digital Certificate:

A certificate is an electronic "passport" that is

used to establish the credentials of the subject to which the certificate
was issued. Information contained within the certificate includes:
name of the subject, serial number, date of validity, subject's public
key, and the digital signature of the authority who issued the certifi

-

cate. Certificates on Procurve switches conform to the X.509v3
standard, which defines the format of the certificate.

■

Self-Signed Certificate:

A certificate not verified by a third-party

certificate authority (CA). Self-signed certificates provide a reduced
level of security compared to a CA-signed certificate.

5-3