Support User Manuals

D-Link DGS-3600 Switch User Manual

Open as PDF

of 757

xStack

®

DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual

617

enable ssl

Purpose To enable the SSL function on the Switch.

Syntax

enable ssl {ciphersuite {RSA_with_RC4_128_MD5 | RSA_with_3DES_EDE_CBC_SHA |

DHE_DSS_with_3DES_EDE_CBC_SHA | RSA_EXPORT_with_RC4_40_MD5}}

Description This command will enable SSL on the Switch by implementing any one or combination of listed

ciphersuites on the Switch. Entering this command without a parameter will enable the SSL

status on the Switch. Enabling SSL will disable the web-manager on the Switch.

Parameters

ciphersuite – A security string that determines the exact cryptographic parameters, specific

encryption algorithms and key sizes to be used for an authentication session. The user may

choose any combination of the following:

• RSA_with_RC4_128_MD5 – This ciphersuite combines the RSA key exchange,

stream cipher RC4 encryption with 128-bit keys and the MD5 Hash Algorithm.

• RSA_with_3DES_EDE_CBC_SHA – This ciphersuite combines the RSA key

exchange, CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm.

• DHE_DSS_with_3DES_EDE_CBC_SHA – This ciphersuite combines the DSA Diffie

Hellman key exchange, CBC Block Cipher 3DES_EDE encryption and SHA Hash

Algorithm.

• RSA_EXPORT_with_RC4_40_MD5 – This ciphersuite combines the RSA Export key

exchange, stream cipher RC4 encryption with 40-bit keys.

The ciphersuites are enabled by default on the Switch, yet the SSL status is disabled by

default. Enabling SSL with a ciphersuite will not enable the SSL status on the Switch.

Restrictions Only Administrator and Operator-level users can issue this command.

Example usage:

To enable SSL on the Switch for all ciphersuites:

DGS-3627:admin# enable ssl

Command:enable ssl

Note: Web will be disabled if SSL is enabled.

Success.

DGS-3627:admin#

NOTE: Enabling SSL on the Switch will enable all ciphersuites. To utilize a particular

ciphersuite, the user must eliminate other ciphersuites by using the disable ssl command along

with the appropriate ciphersuites.

NOTE: Enabling the SSL function on the Switch will disable the port for the web manager (port

80). To log on to the web based manager, the entry of your URL must begin with https://. (ex.

https://10.90.90.90)

previous next