Filter
Top Products
xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual
387
disable ssl
Purpose To disable the SSL function on the Switch.
Syntax
disable ssl {ciphersuite {RSA_with_RC4_128_MD5 |
RSA_with_3DES_EDE_CBC_SHA |
DHE_DSS_with_3DES_EDE_CBC_SHA |
RSA_EXPORT_with_RC4_40_MD5}}
Description This command will disable SSL on the Switch and can be used to
disable any one or combination of listed ciphersuites on the Switch.
Parameters ciphersuite - A security string that determines the exact cryptographic
parameters, specific encryption algorithms and key sizes to be used for
an authentication session. The user may choose any combination of the
following:
• RSA_with_RC4_128_MD5 – This ciphersuite combines the
RSA key exchange, stream cipher RC4 encryption with 128-bit
keys and the MD5 Hash Algorithm.
• RSA_with_3DES_EDE_CBC_SHA - This ciphersuite combines
the RSA key exchange, CBC Block Cipher 3DES_EDE
encryption and the SHA Hash Algorithm.
• DHE_DSS_with_3DES_EDE_CBC_SHA - This ciphersuite
combines the DSA Diffie Hellman key exchange, CBC Block
Cipher 3DES_EDE encryption and SHA Hash Algorithm.
• RSA_EXPORT_with_RC4_40_MD5 - This ciphersuite
combines the RSA Export key exchange, stream cipher RC4
encryption with 40-bit keys.
Restrictions Only administrator-level users can issue this command.
Example usage:
To disable the SSL status on the Switch:
DGS-3600:4#disable ssl
Command: disable ssl
Success.
DGS-3600:4#
To disable ciphersuite RSA_EXPORT_with_RC4_40_MD5 only:
DGS-3600:4#disable ssl ciphersuite RSA_EXPORT_with_RC4_40_MD5
Command: disable ssl ciphersuite RSA_EXPORT_with_RC4_40_MD5
Success.
DGS-3600:4#
config ssl cachetimeout timeout
Purpose Used to configure the SSL cache timeout.
Syntax
config ssl cachetimeout <value 60-86400>
Description This command will set the time between a new key exchange between a
client and a host using the SSL function. A new SSL session is established
every time the client and host go through a key exchange. Specifying a
longer timeout will allow the SSL session to reuse the master key on future
connections with that particular host, therefore speeding up the negotiation
process.