Add_workflow_for_techpubs | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
The
Spacevars | ||
---|---|---|
|
...
. The SBC supports SHA-256 for certificate verification.
...
You can configure only one EMA TLS Profile
...
at any given time.
Excerpt Include OneCertificateSupport OneCertificateSupport nopanel true
Note |
---|
...
You can configure up to |
...
20 client CA certifications (using separate 'set' commands) for an EMA TLS Profile. |
Warning |
---|
PC Java Configuration supports TLS 1.0 only by default. When you disable EmaTlsProfile v1_0 |
...
, enable the corresponding Java Configuration for TLS support |
...
. See the example below |
...
for the Windows environment |
...
. |
To enable TLS support in Windows:
Code Block | ||
---|---|---|
| ||
% set profiles security EmaTlsProfile <EMA TLS profile name>
ClientCaCert <CA certificate name>
authClient <false | true>
ocspProfileName <OCSP profile name>
serverCertName <server certificate>
v1_0 <disabled | enabled>
v1_1 <disabled | enabled>
v1_2 <disabled | enabled>
% show profiles security EmaTlsProfile <EMA TLS profile name> ClientCaCert <CA certificate name>
% delete profiles security EmaTlsProfile <EMA TLS profile name> ClientCaCert <CA certificate name> |
The EMA TLS Profile parameters are as shown below:
Caption | ||||
---|---|---|---|---|
| ||||
|
Parameter | Length/Range | Description | |
---|---|---|---|
<EMA TLS Profile name> | 1-23 characters | The name of the EMA TLS Profile.
|
...
|
...
| ||
ClientCaCert | N/A | The name of the EMA-CA certificate associated with this EMA-TLS profile. |
authClient | N/A |
...
Set flag to "true" to force the EMA-TLS client to authenticate itself within TLS. If this field is set false,
| ||
ocspProfileName | N/A | The name of the OCSP profile associated with this EMA-TLS profile. |
serverCertName | N/A | The name of the server certificate associated with this EMA-TLS profile. |
v1_0 | N/A | TLS protocol version 1.0
|
v1_1 | N/A | TLS protocol version 1.1
|
v1_2 | N/A | TLS protocol version 1.2
|
Code Block | ||
---|---|---|
| ||
% show profiles security EmaTlsProfile
EmaTlsProfile defaultEmaTlsProfile {
authClient true;
serverCertName defaultSBCCert;
v1_0 disabled;
v1_1 disabled;
v1_2 enabled;
} |
...
|