You configure SSL profiles at the libraries ssl-profiles level.
To create an SSL profile, use the following command:
Admin@nodename# create libraries ssl-profiles <parameter>
Specify the following parameters:
Parameter |
Description |
---|---|
name |
The name of the SSL profile. |
description |
Profile description. |
min-tls-version |
Minimum TLS version that can be used in this profile:
|
max-tls-version |
Maximum TLS version that can be used in this profile:
|
ssl-ciphers |
Select the necessary digital signature and encryption algorithms. |
ssl-ciphers-suite |
Set encryption algorithms for standard protocols. This parameter is used to select the required signature and encryption algorithms for standard TLS protocols. Specify a version:
|
To edit profile information, use the following command:
Admin@nodename# set libraries ssl-profiles <profile-name> <parameter>
The parameters available to update are identical to those used to create a profile.
To delete an entire SSL profile or individual digital signature and encryption algorithms from it, use the following commands:
Admin@nodename# delete libraries ssl-profiles <profile-name> Admin@nodename# delete libraries ssl-profiles <profile-name> ssl-ciphers [ cipher ... ]
To display information about SSL profiles, use the following command:
Admin@nodename# show libraries ssl-profiles Admin@nodename# show libraries ssl-profiles <profile-name>