No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
display ssl policy

display ssl policy

Function

Using the display ssl policy command, you can view information about an SSL policy.

Format

display ssl policy [ policy-name ]

Parameters

Parameter

Description

Value

policy-name

Specifies the name of an SSL policy. If this parameter is not specified, the system displays information about all SSL policies.

The SSL policy name must already exist.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

This command displays information about all SSL policies or a specified SSL policy.

Example

# Display information about all SSL policies.

<Huawei> display ssl policy
Policy number: 2                                                                
  ------------------------------------------------------------------------------
  policy ID   policy name                        policy type     bind number  
  ------------------------------------------------------------------------------
  1              default_policy                     Server         1
  2              client-users                       Client         0 
  3              server-users                       Server         0 
  ------------------------------------------------------------------------------

# Display information about the client SSL policy client-users.

<Huawei> display ssl policy client-users
  ------------------------------------------------------------------------------
  Policy name                             :   client-users
  Policy ID                               :   2
  Policy type                             :   Client
  Cipher suite                            :   rsa_aes128_sha256
                                              rsa_aes256_sha256
                                              ecdhe_rsa_aes128_gcm_sha256
                                              ecdhe_rsa_aes256_gcm_sha384 
  PKI realm                               :   -
  Version                                 :   tls1.2
  Server verify                           :   1
  CA certificate chain load status        :   unloaded
  CA certificate num                      :   0
  Local certificate load status           :   unloaded
  SSL renegotiation status                :   enable
  Bind number                             :   0
  SSL connection number                   :   0
------------------------------------------------------------------------------
# Display information about server SSL policy server-users.
<Huawei> display ssl policy server-users
  ------------------------------------------------------------------------------
  Policy name                             :   server-users
  Policy ID                               :   3
  Policy type                             :   Server
  Cipher suite                            :   rsa_aes128_sha256
                                              rsa_aes256_sha256
                                              ecdhe_rsa_aes128_gcm_sha256
                                              ecdhe_rsa_aes256_gcm_sha384 
  PKI realm                               :   -
  Version                                 :   tls1.2
  Cache number                            :   128
  Time out(second)                        :   3600
  Local certificate load status           :   unloaded
  CA certificate chain load status        :   unloaded
  SSL renegotiation status                :   enable
  Bind number                             :   0
  SSL connection number                   :   0
  ------------------------------------------------------------------------------
Table 26-106  Description of the display ssl policy command output

Item

Description

Policy name

Name of an SSL policy. To configure an SSL policy, run the ssl policy command.

Policy ID

ID of an SSL policy.

Policy type

Type of an SSL policy: client SSL policy or server SSL policy.

To configure an SSL policy, run the ssl policy command.

Cipher suite

Cipher suite used by the SSL policy.

PKI realm

PKI domain used by the SSL policy. To configure the PKI domain, run the pki-realm command.

Version

Version of the SSL protocol used by the client SSL policy.
  • ssl3.0
  • tls1.0
  • tls1.1
  • tls1.12
To specify the SSL version, run the version (Client SSL policy view) command.

Server verify

Whether the SSL client is enabled to authenticate an SSL server.

  • 1: enabled
  • 0: disabled

CA certificate chain load status

Whether the CA certificate chain has been loaded to the SSL client.

  • loaded: The certificate chain has been loaded to the SSL client.
  • unloaded: The certificate has not been loaded to the SSL client.
  • got but unloaded: The SSL client has obtained the certificate chain but has not loaded it.

CA certificate num

Number of CA certificates in the certificate chain.

Local certificate load status

Local certificate loading status. loaded indicates that the certificate has been loaded. unloaded indicates that the certificate is not loaded. pending indicates that the certificate is being generated.

SSL renegotiation status

SSL renegotiation status.

  • enable
  • disable

Bind number

Whether an SSL policy has been applied to an application layer protocol such as HTTP.

  • 1: yes
  • 0: no
To apply an SSL policy to HTTP, run the http secure-server ssl-policy command.

SSL connection number

Number of SSL connections established by using an SSL policy.

Cache number

Maximum number of sessions that can be saved on the SSL server. To configure a session, run the session command.

Time out(second)

Timeout period of a saved session. To configure a session, run the session command.

Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 202938

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next