Brocade Virtual ADX Graphical User Interface Guide (Supporting ADX v03.1.00) User Manual

Page 156

Advertising
background image

144

Brocade Virtual ADX Graphical User Interface Guide

53-1003242-01

SSL profiles

9

Chaining: Select the Enable check box to configure the device to send the entire certificate
chain including the root CA certificate and any intermediate CA certificates when
presenting the certificate to the client.

SSL 2.0: Select the Enable check box to enable SSL 2.0. By default, the device supports
SSL 3.0.

Select the cipher suites you want in the Available Ciphers list and click Add to add to the
Selected Ciphers list, to control the security strength of the SSL handshakes.

5. Click Certificates tab to specify additional options under the SSL profile.

The Certificates page is displayed, as shown in

Figure 116

.

FIGURE 116

Certificates configuration

6. Provide the following information:

Verify Client Certificate: Select the Enable check box to configure the device to verify the
signed certificates of the connecting client. By default, client certificate verification is
disabled. After enabling the certificate verification, select one of the following options:

Per New Connection: To request a client certificate for every new SSL connection.

Per SSL Handshake: To request a client certificate for every SSL handshake.

Certificate Optional: To indicate the client certificate is optional.

Require Certificate for Connection: To indicate the requirement of certificate for the
new connection.

Disable Certificate checking: Select the check box to configure the device to not check for
the SSL certificate during client connection. This is applicable only in SSL proxy mode.

Allow self-signed certificates: Select the check box to enable the Brocade Virtual ADX to
allow self-signed certificates. By default, the Brocade Virtual ADX does not accept
certificates that have been issued by a CA that is not trusted and only accepts certificates
which have been signed by a CA that is configured under the SSL profile.

Chain depth: Specify the maximum certificate chain depth verified. The accepted values
are between 4 and 10. The default value is 4.

CA Certificates: Select the CA certificates from the Available list and click Add to move
them to the Selected list, which can be used by the device in SSL proxy mode. In SSL proxy
mode, the device acts as a client to the real server and requires a valid client certificate to
connect to the real server.

Advertising
Popular Brands
Popular manuals