HP 6120G/XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 254
Overview, Configuring Secure Socket Layer SSL, Feature, Default
View all HP 6120G/XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 254 highlights
Configuring Secure Socket Layer (SSL) Overview Overview Feature Generating a Self Signed Certificate on the switch Generating a Certificate Request on the switch Enabling SSL Default No No Disabled Menu n/a n/a n/a CLI page 7-8 n/a page 7-17 Web page 7-12 page 7-15 page 7-19 The switches covered in this guide use Secure Socket Layer Version 3 (SSLv3) and support for Transport Layer Security(TLSv1) to provide remote web access to the switches via encrypted paths between the switch and management station clients capable of SSL/TLS operation. Note ProCurve Switches use SSL and TLS for all secure web transactions, and all references to SSL mean using one of these algorithms unless otherwise noted SSL provides all the web functions but, unlike standard web access, SSL provides encrypted, authenticated transactions. The authentication type includes server certificate authentication with user password authentication. Note SSL in the switches covered in this guide is based on the OpenSSL software toolkit. For more information on OpenSSL, visit www.openssl.com. Server Certificate authentication with User Password Authentication . This option is a subset of full certificate authentication of the user and host. It occurs only if the switch has SSL enabled. As in figure 71, the switch authenticates itself to SSL enabled web browser. Users on SSL browser then authenticate themselves to the switch (operator and/or manger levels) by providing passwords stored locally on the switch or on a TACACS+ or RADIUS server. However, the client does not use a certificate to authenticate itself to the switch. 7-2