HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 244

Description Use client-verify weaken to enable SSL client weak authentication. Use undo client-verify weaken to restore the default. By default, SSL client weak authentication is disabled. If the SSL server requires certificate-based client authentication and the SSL client weak authentication function is enabled, whether the client must be authenticated is up to the client. If the client chooses to be authenticated, the client must pass authentication before accessing the SSL server; otherwise, the client can access the SSL server without authentication. If the SSL server requires certificate-based client authentication and SSL client weak authentication is disabled, the SSL client must pass authentication before accessing the SSL server. NOTE: The client-verify weaken command takes effect only when the SSL server requires certificate-based client authentication. Related commands: client-verify enable and display ssl server-policy. Examples # Enable SSL client weak authentication. system-view [Sysname] ssl server-policy policy1 [Sysname-ssl-server-policy-policy1] client-verify enable [Sysname-ssl-server-policy-policy1] client-verify weaken close-mode wait Syntax close-mode wait View undo close-mode wait SSL server policy view Default level 2: System level Parameters None Description Use close-mode wait to set the SSL connection close mode to wait mode. In this mode, after sending a close-notify alert message to a client, the server does not close the connection until it receives a close-notify alert message from the client. Use undo close-mode wait to restore the default. By default, an SSL server sends a close-notify alert message to the client and closes the connection without waiting for the close-notify alert message from the client. Related commands: display ssl server-policy. 235