12.13.20. Configuring SSL profiles

You configure SSL profiles at the libraries ssl-profiles level.

To create an SSL profile, use the following command:

Admin@UGOS# create libraries ssl-profiles

Specify the following parameters:

Parameter

Description

name

The name of the SSL profile.

description

Profile description.

min-tls-version

Minimum TLS version that can be used in this profile:

  • tls1.

  • tls1.1.

  • tls1.2.

min-tls-version

Minimum TLS version that can be used in this profile:

  • tls1.

  • tls1.1.

  • tls1.2.

  • tls1.3.

ssl-ciphers

Select the necessary digital signature and encryption algorithms.

ssl-ciphers-suite

Set encryption algorithms for standard protocols. This parameter is used to select the required signature and encryption algorithms for standard TLS protocols. Specify a version:

  • tls1.

  • tls1.1.

  • tls1.2.

  • tls1.3.

To update information about a profile, use the following command:

Admin@UGOS# set libraries ssl-profiles <profile-name>

The parameters available to update are identical to those used to create a profile.

To delete an entire SSL profile or individual digital signature and encryption algorithms from it, use the following commands:

Admin@UGOS# delete libraries ssl-profiles <profile-name> 

Admin@UGOS# delete libraries ssl-profiles <profile-name> ssl-ciphers [ cipher ... ]

To display information about SSL profiles, use the following command:

Admin@UGOS# show libraries ssl-profiles

Admin@UGOS# show libraries ssl-profiles <profile-name>