xStack Gigabit Layer 3 Switch Command Line Interface Manual
Each command is listed, in detail, in the following sections.
enable ssl
Purpose
To enable the SSL function on the Switch.
Syntax
enable ssl {ciphersuite {RSA_with_RC4_128_MD5 |
RSA_with_3DES_EDE_CBC_SHA |
DHE_DSS_with_3DES_EDE_CBC_SHA |
RSA_EXPORT_with_RC4_40_MD5}}
Description
This command will enable SSL on the Switch by implementing any
one or combination of listed ciphersuites on the Switch. Entering this
command without a parameter will enable the SSL status on the
Switch. Enabling SSL will disable the web-manager on the Switch.
Parameters
ciphersuite
- A security string that determines the exact
cryptographic parameters, specific encryption algorithms and key
sizes to be used for an authentication session. The user may choose
any combination of the following:
The ciphersuites are enabled by default on the Switch, yet the SSL
status is disabled by default. Enabling SSL with a ciphersuite will not
enable the SSL status on the Switch.
Restrictions Only
administrator-level users can issue this command.
RSA_with_3DES_EDE_CBC_SHA -
This ciphersuite
combines the RSA key exchange, CBC Block Cipher
3DES_EDE encryption and the SHA Hash Algorithm.
RSA_with_RC4_128_MD5
– This ciphersuite combines the
RSA key exchange, stream cipher RC4 encryption with 128-bit
keys and the MD5 Hash Algorithm.
DHE_DSS_with_3DES_EDE_CBC_SHA -
This ciphersuite
combines the DSA Diffie Hellman key exchange, CBC Block
Cipher 3DES_EDE encryption and SHA Hash Algorithm.
RSA_EXPORT_with_RC4_40_MD5 -
This ciphersuite
combines the RSA Export key exchange, stream cipher RC4
encryption with 40-bit keys.
Example usage:
To enable SSL on the Switch for all ciphersuites:
DGS-3324SRi:4#enable ssl
Command:enable ssl
Note: Web will be disabled if SSL is enabled.
Success.
DGS-3324SRi:4#
NOTE:
Enabling SSL on the Switch will enable all ciphersuites, upon initial
configuration. To utilize a particular ciphersuite, the user must eliminate
other ciphersuites by using the
disable ssl
command along with the
appropriate ciphersuites.
194