Manualshelf

Installation guide

ManualsBrandsCisco ManualsComputer equipmentExplorer 4700
341342343344345346347348349350
9-21
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-02
Chapter 9 Configuring SSL
Configuring SSL Parameter Maps
Table 9-9
Table 9-10 Cipher suites supported by TLS 1.2
Step 10
In the Ignore Authentication Failure field, check the check box to ignore expired or invalid client or
server certificates and to continue setting up the SSL connection. Clear the check box to return to the
default setting of disabled. This field allows the ACE appliance to ignore the following nonfatal errors
with respect to either client certificates for SSL termination configurations, or server certificates for SSL
initiation configurations:
Certificate not yet valid (both)
Certificate has expired (both)
Certificate revoked (both)
Unknown issuer (both)
No client certificate (client certificate only)
CRL not available (client certificate only)
CRL has expired (client certificate only)
Certificate has signature failure (client certificate only)
Certificate other error (client certificate only)
Step 11 Do the following:
Click Deploy Now to deploy this configuration on the ACE appliance. The updated Parameter Map
screen appears along with the Parameter Map Cipher table. Continue with Step 12.
Click Cancel to exit this procedure without saving your entries and to return to the Parameter Map
table.
Click Next to save your entries and to define another parameter map.
Cipher Suite Name Cipher Suite Number
RSA_WITH_RC4_128_MD5 { 0x00,0x04 }
RSA_WITH_RC4_128_SHA { 0x00,0x05 }
RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A }
RSA_WITH_AES_128_CBC_SHA { 0x00,0x2F }
RSA_WITH_AES_256_CBC_SHA { 0x00,0x35 }
RSA_WITH_AES_128_CBC_SHA256 { 0x00,0x3C }