430
Predefined user roles
network-admin
Usage guidelines
The SSL client and server use digital certificates to authenticate each other. For more information about
digital certificates, see Security Configuration Guide.
If you execute the server-verify enable command, an SSL server must send its own digital certificate to the
SSL client for authentication. The client can access the SSL server only after the server passes the
authentication.
Examples
# Enable the SSL client to use digital certificates to authenticate SSL servers.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] server-verify enable
Related commands
display ssl client-policy
ssl client-policy
Use ssl client-policy to create an SSL client policy and enter SSL client policy view.
Use undo ssl client-policy to delete an SSL client policy.
Syntax
ssl client-policy policy-name
undo ssl client-policy policy-name
Default
No SSL client policy exists on the device.
Views
System view
Predefined user roles
network-admin
Parameters
policy-name: Specifies an SSL client policy by its name, a case-insensitive string of 1 to 31 characters.
Usage guidelines
This command creates an SSL client policy for which you can configure SSL parameters that the client
uses to establish a connection to the server. The parameters include a PKI domain and a preferred cipher
suite. An SSL client policy takes effect only after it is associated with an application such as the Dynamic
Domain Name System (DDNS).
Examples
# Create SSL client policy policy1 and enter SSL client policy view.
<Sysname> system-view
[Sysname] ssl client-policy policy1
To Next Page
Loading...
