Overview – HP 4100GL User Manual

Page 114

Advertising
background image

Configuring Secure Socket Layer (SSL)
Overview

Overview

Feature

Default

Menu

CLI

Web

Generating a Self Signed Certificate on the switch

No

n/a

page 5-9

page 5-13

Generating a Certificate Request on the switch

No

n/a

n/a

page 5-15

Enabling SSL

Disabled

n/a

page 5-17

page 5-19

The Series 4100GL switches use Secure Socket Layer Version 3 (SSLv3) and
support for Transport Layer Security(TLSv1) to provide remote web access
to the switches via encrypted paths between the switch and management
station clients capable of SSL/TLS operation.

N o t e

ProCurve Switches use SSL and TLS for all secure web transactions, and all
references to SSL mean using one of these algorithms unless otherwise noted

SSL provides all the web functions but, unlike standard web access, SSL
provides encrypted, authenticated transactions. The authentication types
include:

Server Certificate authentication with User Password Authentication

N o t e

SSL in the HP Procurve Series 4100GL switches is based on the OpenSSL
software toolkit. For more information on OpenSSL, visit

http://

www.openssl.com

.

Server Certificate authentication with User Password
Authentication .

This option is a subset of full certificate authentication of

the user and host . It occurs only if the switch has SSL enabled. As in figure
5-1, the switch authenticates itself to SSL enabled web browser. Users on SSL
browser then authenticate themselves to the switch (operator and/or manger
levels) by providing passwords stored locally on the switch or on a TACACS+
or RADIUS server. However, the client does not use a certificate to authenti

-

cate itself to the switch.

5-2

Advertising