Configuring the domain 103
Table 8
Configuring SSL Settings (cont’d.)
/cfg/domain #/server/ssl
followed by:
cachesize <sessions> Sets the size of the SSL cache.
sessions is an integer less than or equal
to 10000 indicating the number of cached
sessions. The default is 4000.
If there are many cache misses, increase the
cachesize value for better performance.
cachettl <ttl> Specifies the maximumtime to live (TTL)value
for items in the SSL cache. After the TTL has
expired, the items are discarded.
ttl is an integer that indicates the TTL
value in seconds (s), minutes (m), hours
(h), or days (d). If you do not specify a
measurement unit, seconds is assumed.
The default is 5m (5 minutes).
cacerts <certificate
index>
Specifies which of the available CA certificates
to use for client authentication.
Not supported in Nortel Secure Network Access
Switch Software Release 1.6.1.
cachain <certificate
index list>
Specifies the CA certificate chain of the server
certificate.
certificate index list is a
comma-separated list of the certificate
index numbers assigned to the certificates in
the chain. The chain starts with the issuing
CA certificate of the server certificate and
can range up to the root CA certificate.
The command explicitly constructs the server
certificate chain. The chain and the server
certificate are sent to the browser.
To clear all specified chain certificates, press
Enter at the prompt to enter the certificate
numbers. At the prompt to confirm that you
want to clear the list, enter yes.
ATTENTION
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007,2008 NortelNetworks
.