[x]

SSL configuration commands > client-verify enable

 

 Next

client-verify enable

Syntax

client-verify enable

undo client-verify enable

View

SSL server policy view

Default level

2: System level

Parameters

None

Description

Use client-verify enable to configure the SSL server to require the client to pass certificate-based authentication.

Use undo client-verify enable to restore the default.

By default, the SSL server does not require certificate-based SSL client authentication.

If you configure the client-verify enable command and enable the SSL client weak authentication function, whether the client must be authenticated is up to the client. If the client chooses to be authenticated, the client must pass authentication before accessing the SSL server; otherwise, the client can access the SSL server without authentication.

If you configure the client-verify enable command but disable the SSL client weak authentication function, the SSL client must pass authentication before accessing the SSL server.

Related commands: client-verify weaken and display ssl server-policy.

Examples

# Configure the SSL server to require certificate-based SSL client authentication.

<Sysname> system-view
[Sysname] ssl server-policy policy1
[Sysname-ssl-server-policy-policy1] client-verify enable

prev

 

up

 next

ciphersuite 

home

 client-verify weaken

© Copyright 2016 Hewlett Packard Enterprise Development LP