46.2 SSL Configuration Task List, Configuration – QTECH QSW-3400 Configuration Guide User Manual

+7(495) 797-3311 www.qtech.ru
Moscow, Novozavodskaya ul., 18, bldg. 1
will be forwarded to the other program in sequence; packet loss and retransmission will not
occur. In theory, many transport protocols can provide this kind of service, but in actual
applications SSL almost always runs over TCP and does not run directly over UDP or IP.
When the web function is running on the switch and a client visits its web site through an
internet browser, the SSL function can be used. Communication between the client and the
switch over an SSL connection improves security.
First, SSL must be enabled on the switch. When the client tries to access the switch
through HTTPS, an SSL session is set up between the switch and the client. Once
the SSL session has been set up, all data transmitted at the application layer is
encrypted.
The SSL handshake is performed while the SSL session is being set up. The switch must be able to
provide a certificate. Currently the certificates provided by the switch are not formal
certificates issued by an official authority, but private certificates generated by
SSL software under Linux, which may not be recognized by the web browser. For
the switch application, it is not necessary to apply for a formal SSL certificate. A private
certificate is enough to make the communication between the users and the switch safe.
Currently the client is not required to be able to check the validity of the certificate.
The encryption key and the encryption method are negotiated during the handshake
phase of the session and are then used for data encryption.
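Because the switch's private certificate has no issuer a browser trusts, a management script can still authenticate the switch by comparing the SHA-256 fingerprint of the certificate it presents with one recorded over a trusted path, such as the console. The following is an added example, not taken from the QTECH manual; the function names are assumptions and the sample bytes and fingerprint are constructed.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed sample: stand-in "certificate" bytes and their SHA-256 pin,
# written the way a browser's certificate dialog displays a fingerprint.
SAMPLE_DER = b"abc"
SAMPLE_PIN = ("BA:78:16:BF:8F:01:CF:EA:41:41:40:DE:5D:AE:22:23:"
              "B0:03:61:A3:96:17:7A:9C:B4:10:FF:61:F2:00:15:AD")


def normalize_fingerprint(text: str) -> str:
    """Accept 'AB:CD:..', 'ab cd ..' or plain hex; return lowercase hex."""
    cleaned = text.replace(":", "").replace(" ", "").lower()
    if len(cleaned) != 64 or any(c not in "0123456789abcdef" for c in cleaned):
        raise ValueError("expected a SHA-256 fingerprint (64 hex digits)")
    return cleaned


def cert_fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, pinned: str) -> bool:
    """Constant-time comparison of the presented certificate with the pin."""
    return hmac.compare_digest(cert_fingerprint(der_cert),
                               normalize_fingerprint(pinned))


def fetch_switch_cert(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    """Return the DER certificate the switch presents.

    CA validation is off only because the private certificate has no trusted
    issuer; call pin_matches() on the result before sending any credentials.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


if __name__ == "__main__":
    print("pin ok:", pin_matches(SAMPLE_DER, SAMPLE_PIN))
```

On a real network, pass the result of `fetch_switch_cert()` to `pin_matches()` and abort the session when it returns False.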
SSL session handshake process:
46.2 SSL Configuration Task List
1. Enable/disable SSL function