Specifications

xStack DGS-3400 Series Layer 2 Gigabit Managed Switch CLI Manual
disable ssl
Purpose To disable the SSL function on the Switch.
Syntax
disable ssl {ciphersuite {RSA_with_RC4_128_MD5 |
RSA_with_3DES_EDE_CBC_SHA |
DHE_DSS_with_3DES_EDE_CBC_SHA |
RSA_EXPORT_with_RC4_40_MD5}}
Description This command will disable SSL on the Switch and can be used to
disable any one or combination of listed ciphersuites on the Switch.
ciphersuite - A security string that determines the exact cryptographic
parameters, specific encryption algorithms and key sizes to be used
for an authentication session. The user may choose any combination
of the following:
Restrictions Only administrator-level users can issue this command.
Parameters
RSA_with_RC4_128_MD5 – This ciphersuite combines the
RSA key exchange, stream cipher RC4 encryption with 128-bit
keys and the MD5 Hash Algorithm.
RSA_with_3DES_EDE_CBC_SHA - This ciphersuite
combines the RSA key exchange, CBC Block Cipher
3DES_EDE encryption and the SHA Hash Algorithm.
DHE_DSS_with_3DES_EDE_CBC_SHA - This ciphersuite
combines the DSA Diffie Hellman key exchange, CBC Block
Cipher 3DES_EDE encryption and SHA Hash Algorithm.
RSA_EXPORT_with_RC4_40_MD5 - This ciphersuite
combines the RSA Export key exchange, stream cipher RC4
encryption with 40-bit keys.
Example usage:
To disable the SSL status on the Switch:
DGS-3400:4#disable ssl
Command: disable ssl
Success.
DGS-3400:4#
To disable ciphersuite RSA_EXPORT_with_RC4_40_MD5 only:
DGS-3400:4#disable ssl ciphersuite RSA_EXPORT_with_RC4_40_MD5
Command: disable ssl ciphersuite RSA_EXPORT_with_RC4_40_MD5
Success.
DGS-3400:4#
config ssl cachetimeout timeout
Purpose Used to configure the SSL cache timeout.
config ssl cachetimeout timeout <value 60-86400>
Description This command will set the time between a new key exchange between a
client and a host using the SSL function. A new SSL session is
established every time the client and host go through a key exchange.
Specifying a longer timeout will allow the SSL session to reuse the
master key on future connections with that particular host, therefore
speeding up the negotiation process.
Parameters
Syntax
260
timeout <value 60-86400> - Enter a timeout value between 60 and 86400
d t if th t t l ti SSL k h ID t lid