D-Link xStackTM DGS/DXS-3300 Series Switch User Manual


  Open as PDF
of 362
 
xStack DGS/DXS-3300 Series Layer 3 Stackable Gigabit Ethernet Switch CLI Manual
185
enable ssl
Purpose To enable the SSL function on the Switch.
Syntax
enable ssl {ciphersuite {RSA_with_RC4_128_MD5 |
RSA_with_3DES_EDE_CBC_SHA |
DHE_DSS_with_3DES_EDE_CBC_SHA |
RSA_EXPORT_with_RC4_40_MD5}}
Description This command will enable SSL on the Switch by implementing any
one or combination of listed ciphersuites on the Switch. Entering this
command without a parameter will enable the SSL status on the
Switch. Enabling SSL will disable the web-manager on the Switch.
Parameters ciphersuite - A security string that determines the exact
cryptographic parameters, specific encryption algorithms and key
sizes to be used for an authentication session. The user may choose
any combination of the following:
RSA_with_RC4_128_MD5 – This ciphersuite combines the
RSA key exchange, stream cipher RC4 encryption with 128-bit
keys and the MD5 Hash Algorithm.
RSA_with_3DES_EDE_CBC_SHA - This ciphersuite
combines the RSA key exchange, CBC Block Cipher
3DES_EDE encryption and the SHA Hash Algorithm.
DHE_DSS_with_3DES_EDE_CBC_SHA - This ciphersuite
combines the DSA Diffie Hellman key exchange, CBC Block
Cipher 3DES_EDE encryption and SHA Hash Algorithm.
RSA_EXPORT_with_RC4_40_MD5 - This ciphersuite
combines the RSA Export key exchange, stream cipher RC4
encryption with 40-bit keys.
The ciphersuites are enabled by default on the Switch, yet the SSL
status is disabled by default. Enabling SSL with a ciphersuite will not
enable the SSL status on the Switch.
Restrictions Only administrator-level users can issue this command.
Example usage:
To enable SSL on the Switch for all ciphersuites:
DGS-3324SRi:4#enable ssl
Command:enable ssl
Note: Web will be disabled if SSL is enabled.
Success.
DGS-3324SRi:4#
NOTE: Enabling SSL on the Switch will enable all ciphersuites, upon initial
configuration. To utilize a particular ciphersuite, the user must eliminate
other ciphersuites by using the disable ssl command along with the
appropriate ciphersuites.
 previous next