Chapter 18: Access Management and Security (CLI)
Configuring HTTPS Cipher Hardening (CLI)
phn-3963_008v000
Page 18-17
Configuring HTTPS Cipher Hardening (CLI)
You can configure the PTP 850E to operate in HTTPS strong mode. In HTTPS strong mode, SSLv3, TLSv1.0, and
TLSv1.1 are disabled completely and only certain ciphers are supported in TLSv1.2.
For a list of supported HTTPS ciphers, including an indication of which ciphers are supported in HTTPS strong
mode, refer to
Annex B – Supported Ciphers for Secured Communication Protocols
in the Release Notes for the
CeraOS version you are using.
To set HTTPS strong mode, enter the following command:
root> platform security https-ciphers-hardening-level-set level strong
To set HTTPS normal mode, enter the following command:
root> platform security https-ciphers-hardening-level-set level normal
Note:
The default HTTP cipher mode is normal.
To display the current HTTPS cipher mode, enter the following command:
root> platform security https-ciphers-hardening-level-show