User`s guide

ManualsBrandsDigi ManualsComputer equipmentTransPort WR44v2

221

222

223

224

225

226

227

228

229

230

228

digest algorithm and SSLv3 represents all SSL v3 algorithms. Lists of cipher suites can be

combined in a single cipher string using the “+” character. This forms the logical AND

operation. For example, SHA1+DES represents all cipher suites containing SHA1 and DES

algorithms. If left empty, the cipher list is not used.

For more information see: http://www.openssl.org/docs/apps/ciphers.html

Apply to Destination IP Address

The value in this text box allows the configuration of multiple SSL destinations, each having

a different certificate/key pair. When set, this parameter will lock the SSL client settings to

a specific IP address. If this parameter is left blank, the configured SSL client settings will

be used for any connection that requires SSL.

As is usual with the tables on the configuration web pages, the relevant and appropriate

parameters are selected and the Add button on the right-hand side is clicked to add the

entry into the table. Once an entry has been added, it may be removed by clicking the

Delete button that will appear in the right-hand column.

Verify Server Certificate

This parameter allows enabling server certificate verification. When enabled, if the server

certificate chain is unable to be verified (need CA certificate installed onto the unit), the SSL

negotiation will fail.

Related CLI Commands

Entity

Instance

Parameter

Values

Equivalent Web Parameter

sslcli 0 - 5 certfile

Up to 12

characters (DOS

8.3 format)

Client Certificate Filename

sslcli 0 - 5 keyfile

Up to 12

characters (DOS

8.3 format)

Client Private Key Filename

sslcli 0 - 5 cipherlist

Colon-separated

list of ciphers

Cipher List

sslcli 0 - 5 IPaddr Apply to Destination IP Address

sslcli 0 - 5 verify OFF,ON

Verify Server Certificate

SSL Server

Configuration – Network > SSL > SSL Server

This page describes the parameters needed to configure the SSL server.

Server Certificate Filename

The file containing the server certificate is selected from this drop-down list.

Client Private Key Filename

The file containing the private key that matches the above certificate is selected from this

drop-down list.

SSL Version

The version of the SSL protocol to use, is selected from this drop-down list. Selecting “Any”

allows the use of any version. The available options are:

• Any

• TLSv1 only