No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Fit AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
display ssl policy

display ssl policy


Using the display ssl policy command, you can view information about an SSL policy.


display ssl policy




All views

Default Level

1: Monitoring level

Usage Guidelines

This command displays information about all SSL policies or a specified SSL policy.


<Huawei> display ssl policy
Policy number: 2                                                                
  policy ID   policy name                        policy type     bind number  
  1              default_policy                     Server         1
  2              client-users                       Client         0 
  3              server-users                       Server         0 

# Display information about SSL policy.

<Huawei> display ssl policy
  Policy name                             :   default hr srv policy                                                                 
  Policy ID                               :   0                                                                                     
  Policy type                             :   Server                                                                                
  Cipher suite                            :   rsa_aes_128_cbc_sha                                                                   
  PKI realm                               :   -                                                                                     
  Version                                 :   tls1.0 tls1.1 tls1.2                                                                  
  Cache number                            :   8                                                                                     
  Time out(second)                        :   3600                                                                                  
  Local certificate load status           :   loaded                                                                                
  CA certificate chain load status        :   unloaded                                                                              
  SSL renegotiation status                :   enable                                                                                
  Bind number                             :   1                                                                                     
  SSL connection number                   :   0         
Table 13-62  Description of the display ssl policy command output



Policy name

Name of an SSL policy.

Policy ID

ID of an SSL policy.

Policy type

Type of an SSL policy: server SSL policy.

Cipher suite

Cipher suite used by the SSL policy.

PKI realm

PKI domain used by the SSL policy.


Version of the SSL protocol used by the client SSL policy.
  • ssl3.0
  • tls1.0
  • tls1.1
  • tls1.12

Server verify

Whether the SSL client is enabled to authenticate an SSL server.

  • 1: enabled
  • 0: disabled

CA certificate chain load status

Whether the CA certificate chain has been loaded to the SSL client.

  • loaded: The certificate chain has been loaded to the SSL client.
  • unloaded: The certificate has not been loaded to the SSL client.
  • got but unloaded: The SSL client has obtained the certificate chain but has not loaded it.

CA certificate num

Number of CA certificates in the certificate chain.

Local certificate load status

Local certificate loading status. loaded indicates that the certificate has been loaded. unloaded indicates that the certificate is not loaded. pending indicates that the certificate is being generated.

SSL renegotiation status

SSL renegotiation status.

  • enable
  • disable

Bind number

Whether an SSL policy has been applied to an application layer protocol such as HTTP.

  • 1: yes
  • 0: no

SSL connection number

Number of SSL connections established by using an SSL policy.

Cache number

Maximum number of sessions that can be saved on the SSL server.

Time out(second)

Timeout period of a saved session.

Updated: 2019-07-18

Document ID: EDOC1100064353

Views: 126977

Downloads: 98

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next