2210 CHAPTER 144: SSL CONFIGURATION COMMANDS

client-verify enable

Syntax client-verify enable

undo client-verify enable

View SSL server policy view

Parameter None

Description Use the client-verify enable command to enable certificate-based SSL client authentication, that is, to enable the SSL server to perform certificate-based authentication of the client during the SSL handshake process.

Use the undo client-verify enable command to restore the default.

By default, certificate-based SSL client authentication is disabled.

Example # Enable certificate-based client authentication.

<Sysname> system-view

[Sysname] ssl server-policy policy1

[Sysname-ssl-server-policy-policy1] client-verify enable

close-mode wait

Syntax close-mode wait

undo close-mode wait

View SSL server policy view

Parameter None

Description Use the close-mode wait command to set the SSL connection close mode to wait. In this mode, after sending a close-notify message to a client, the server does not close the connection until it receives a close-notify message from the client.

Use the undo close-mode wait command to restore the default.

By default, an SSL server sends a close-notify alert message to the client and close the connection without waiting for the close-notify alert message from the client.

Example # Set the SSL connection close mode to wait.

<Sysname> system-view

[Sysname] ssl server-policy policy1

[Sysname-ssl-server-policy-policy1] close-mode wait

Page 2210
Image 2210
3Com MSR 30, MSR 50 manual Client-verify enable, Close-mode wait, Syntax client-verify enable Undo client-verify enable