Add_workflow_for_techpubs | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
The
Spacevars | ||
---|---|---|
|
...
You can configure only one EMA TLS Profile
...
at any given time.
Excerpt Include
...
OneCertificateSupport
...
OneCertificateSupport nopanel true
Note |
---|
...
You can configure up to three client CA certifications (using separate 'set' commands) for an EMA TLS Profile. |
Warning |
---|
PC Java Configuration supports TLS 1.0 only by default. When you disable EmaTlsProfile v1_0 |
...
, enable the corresponding Java Configuration for TLS support |
...
. See the example below |
...
for the Windows environment |
...
. |
To enable TLS support in Windows:
Code Block | ||
---|---|---|
| ||
% set profiles security EmaTlsProfile <EMA TLS profile name> ClientCaCert <CA certificate name> authClient <false | true> ocspProfileName <OCSP profile name> serverCertName <server certificate> v1_0 <disabled | enabled> v1_1 <disabled | enabled> v1_2 <disabled | enabled> ciphersuite <ciphersuite name> % show profiles security EmaTlsProfile <EMA TLS profile name> ClientCaCert <CA certificate name> |
...
% delete profiles security EmaTlsProfile <EMA TLS profile name> ClientCaCert <CA certificate name> % show profiles security EmaTlsProfile <EMA TLS profile name> ciphersuite <ciphersuite name> % delete profiles security EmaTlsProfile <EMA TLS profile name> ciphersuite <ciphersuite name> |
The EMA TLS Profile parameters are as shown below:
Caption | ||||
---|---|---|---|---|
|
...
Parameter | Length/Range | Description |
---|---|---|
<EMA TLS Profile name> | 1-23 characters | The name of the EMA TLS Profile. |
...
Note: You can configure only |
...
one EMA TLS Profile |
...
at any given time. | ||
ClientCaCert | N/A | The name of the EMA-CA certificate associated with this EMA-TLS profile. |
authClient | N/A |
...
Set flag to "true" to force the EMA-TLS client to authenticate itself within TLS. If this field is set false,
| ||
ocspProfileName | N/A | The name of the OCSP profile associated with this EMA-TLS profile. |
serverCertName | N/A | The name of the server certificate associated with this EMA-TLS profile. |
v1_0 | N/A | TLS protocol version 1.0
|
v1_1 | N/A | TLS protocol version 1.1
|
v1_2 | N/A | TLS protocol version 1.2
|
ciphersuite | N/A | The EMA TLS Ciphersuite choice for this profile. See Supported ciphersuites for the list of supported ciphersuites. |
Anchor | ||||
---|---|---|---|---|
|
The following 12 SSL ciphersuites are supported initially in this feature. This list may change in the future based on requirements.
Caption | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Code Block | ||
---|---|---|
| ||
% show profiles security EmaTlsProfile EmaTlsProfile defaultEmaTlsProfile { authClient true; serverCertName defaultSBCCert; v1_0 disabled; v1_1 disabled; v1_2 enabled; ciphersuite AES128-GCM-SHA256 } |
...
|