Filter
Top Products
Configuring Secure Socket Layer (SSL)
Overview
Overview
Feature Default Menu CLI Web
Generating a Self Signed Certificate on the switch No n/a page 7-9 page 7-13
Generating a Certificate Request on the switch No n/a n/a page 7-15
Enabling SSL Disabled n/a page 7-17 page 7-19
The HP ProCurve switches covered by this manual use Secure Socket Layer
Version 3 (SSLv3) and support for Transport Layer Security(TLSv1) to provide
remote web access to the switches via encrypted paths between the switch
and management station clients capable of SSL/TLS operation.
Note HP ProCurve switches use SSL and TLS for all secure web transactions, and
all references to SSL mean using one of these algorithms unless otherwise
noted
SSL provides all the web functions but, unlike standard web access, SSL
provides encrypted, authenticated transactions. The authentication type
includes server certificate authentication with user password authentication.
Note SSL in HP Procurve switches is based on the OpenSSL software toolkit. For
more information on OpenSSL, visit http://www.openssl.com
.
Server Certificate authentication with User Password
Authentication . This option is a subset of full certificate authentication of
the user and host. It occurs only if the switch has SSL enabled. As in figure
7-
1, the switch authenticates itself to SSL enabled web browser. Users on SSL
browser then authenticate themselves to the switch (operator and/or manger
levels) by providing passwords stored locally on the switch or on a TACACS+
or RADIUS server. However, the client does not use a certificate to authenti-
cate itself to the switch.
7-2