Login

WelcomeuserNew H3C退出

Country / Region

Contact Sales Online Exhibition Center Resource Center Become a Partner
Back

04-Objects

HomeSupportConfigure & DeployH3C Firewall Products Comware 7 Web Configuration Guide-6W40204-Objects
Table of Contents
Related Documents
14-SSL
Title Size Download
14-SSL 21.16 KB

SSL

Introduction

Secure Sockets Layer (SSL) is a cryptographic protocol that provides communication security for TCP-based application layer protocols such as HTTP. SSL has been widely used in applications such as e-business and online banking to provide secure data transmission over the Internet.

SSL provides the following security services:

·     Privacy—SSL uses a symmetric encryption algorithm to encrypt data. It uses the asymmetric key algorithm of RSA to encrypt the key used by the symmetric encryption algorithm.

·     Authentication—SSL uses certificate-based digital signatures to authenticate the SSL server and client. The SSL server and client obtain digital certificates through PKI.

·     Integrity—SSL uses the message authentication code (MAC) to verify message integrity.

Restrictions and guidelines

·     The SSL protocol versions include SSL 2.0, SSL 3.0, TSL 1.0 (or SSL 3.1), TLS 1.1, TLS 1.2, and GM-TLS1.1. As an SSL server, the device can communicate with clients running SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, or GM-TLS1.1. When the server receives an SSL 2.0 Client Hello message from a client, it notifies the client to use a later SSL version for communication.

·     An SSL server policy defines a set of SSL parameters used by the SSL server, including the PKI domain and the supported cipher suites. An SSL server policy takes effect only after it is associated with an application such as HTTPS.

·     An SSL client policy defines a set of SSL parameters used by the SSL client, including the PKI domain and the preferred cipher suite. The SSL client uses the settings in the client policy to establish a connection to the server. An SSL client policy takes effect only after it is associated with an application, such as DDNS.

·     If the configuration in an SSL server or client policy changes, you must re-enable the services that use that SSL server or client policy to apply the new configuration.

·     If you modify the SSL protocol version in Advanced Settings, you must re-enable the services that use the default SSL policy to apply the new SSL protocol version.

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products

Cloud & AI

H3C Workspace Cloud Desktop

Learn more

H3C UIS 3000 G5 HCI

Learn more

InterConnect

Intelligent Computing

H3C UniServer R4900 G5 Server

Learn more

Security

Situational Awareness

Learn more

Zero Trust Security Solution

Learn more

SMB Products

Intelligent Terminal Products

Industry Solutions

The Government Cloud “1+N+N+1” Innovation Model Becomes a Template

Learn more

Strong Support for the G20 Hangzhou Summit

Learn more
  • Product Support Services
  • Technical Service Solutions
All Services

Product Support Services

Technical Service Solutions

  • Resource Center
  • Policy
  • Online Help
All Support

Resource Center

Policy

Online Help

Training & Certification

  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners

Become a Partner

Partner Resources

Partner Business Management

  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us

Company Information

News & Events

Online Exhibition Center

Contact Us

新华三官网