3com MSR 20-20 참조 매뉴얼
2214
C
HAPTER
144: SSL C
ONFIGURATION
C
OMMANDS
rsa_rc4_128_sha: Specifies the key exchange algorithm of RSA, the data
encryption algorithm of 128-bit RC4, and the MAC algorithm of SHA.
encryption algorithm of 128-bit RC4, and the MAC algorithm of SHA.
Description
Use the prefer-cipher command to specify the preferred cipher suite for an SSL
client policy.
client policy.
Use the undo prefer-cipher command to restore the default.
By default, the preferred cipher suite for an SSL client policy is rsa_rc4_128_md5.
Example
# Set the preferred cipher suite for SSL client policy policy1 to
rsa_aes_128_cbc_sha.
rsa_aes_128_cbc_sha.
<Sysname> system-view
[Sysname] ssl client-policy policy1
[Sysname-ssl-client-policy-policy1] prefer-cipher rsa_aes_128_cbc_sha
session
Syntax
session { cachesize size | timeout time } *
undo session { cachesize | timeout } *
View
SSL server policy view
Parameter
cachesize size: Sets the maximum number of cached sessions, in the range 100 to
1,000.
1,000.
timeout time: Sets the caching timeout time, in the range 1,800 to 72,000
seconds.
seconds.
Description
Use the session command to set the maximum number of cached sessions and
the caching timeout time.
the caching timeout time.
Use the undo session command to restore the default.
By default, the maximum number of cached sessions is 500 and the caching
timeout time is 3,600 seconds.
timeout time is 3,600 seconds.
If the number of sessions in the cache reaches the maximum, SSL rejects to cache
new sessions. If a session exists in the cache for a period equal to the caching
timeout time, SSL removes it from the cache.
new sessions. If a session exists in the cache for a period equal to the caching
timeout time, SSL removes it from the cache.
Example
# Set the caching timeout time to 4,000 seconds, and the maximum number of
cached sessions to 600.
cached sessions to 600.
<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] session timeout 4000 cachesize 600