policy ssl
Release
SSL Services Module
Release 2.1(5)
SSL Services Module
Release 3.1(1)
Usage Guidelines
Each SSL-policy configuration submode command is entered on its own line.
Table 2-4
Table 2-4
SSL-Policy Configuration Submode Command Descriptions
Syntax
cert-req empty
cipher-suite {all | all-export | all-strong |
rsa-exp-with-des40-cbc-sha |
rsa-exp-with-rc4-40-md5 |
rsa-exp1024-with-des-cbc-sha |
rsa-exp1024-with-rc4-56-md5 |
rsa-exp1024-with-rc4-56-sha |
rsa-with-3des-ede-cbc-sha |
rsa-with-des-cbc-sha | rsa-with-null-md5 |
rsa-with-rc4-128-md5 |
rsa-with-rc4-128-sha}
[no] close-protocol {strict | none}
default {cipher | close-protocol |
session-cache | version}
exit
Catalyst 6500 Series Switch SSL Services Module Command Reference
2-40
Modification
This command was changed to add the following subcommands:
cert-req empty
•
tls-rollback [current | any]
•
The policy ssl command (entered in context subcommand mode) replaces
the ssl-proxy policy ssl command (entered in global subcommand mode).
This command was changed to add the following submode commands:
•
cipher rsa-exp-with-des40-cbc-sha
cipher rsa-exp-with-rc4-40-md5
•
cipher rsa-exp1024-with-des-cbc-sha
•
cipher rsa-exp1024-with-rc4-56-md5
•
cipher rsa-exp1024-with-rc4-56-sha
•
cipher rsa-with-null-md5
•
renegotiation volume
•
•
renegotiation interval
renegotiation wait-time
•
renegotiation optional
•
lists the commands available in SSL-policy configuration submode.
Description
Allows you to specify that the SSL Services Module backend service always
returns the certificate associated with the trustpoint and does not look for a
CA-name match.
Allows you to configure a list of cipher-suites acceptable to the proxy-server.
Allows you to configure the SSL close-protocol behavior. Use the no form
of this command to disable close protocol.
Sets a command to its default settings.
Exits from SSL-policy configuration submode.
Chapter 2
Commands for the Catalyst 6500 Series SSL Services Module
OL-9105-01