Perle Systems MDC, SDS Set SSL Server

Server Commands

24 IOLAN SDS/SCS/STS/MDC CLI Reference Guide, Version 3.7

Set SSL Server

session-escape-string

A configurable string that allows access to a port to view the multisession screen

options, allowing the various options while accessing the particular port on the

IOLAN. You can specify control (unprintable) codes by putting the decimal value in

angle brackets < > (for example, ESC-b is <027>b). The default value is Ctrl-z s

(<026>s in decimal).

retry

The number of times the IOLAN will retry to transmit a TPFT packet to/from a host

when no response is received. Enter a value between 0 and 5. The default is 5. A value

of 0 (zero) means that the IOLAN will not attempt a retry should TFTP fail.

timeout

The time, in seconds, that the IOLAN will wait for a successful transmit or receipt of

TFTP packets before retrying a TFTP transfer. Enter a value between 3 and 10. The

default is 3 seconds.

ssl-passphrase

This is the SSL/TLS passphrase used to generate an encrypted RSA/DSA private key.

This private key and passphrase are required for both HTTPS and SSL/TLS

connections, unless an unencrpyted private key was generated, then the SSL passphrase

is not required. Make sure that you download the SSL private key and certificate if you

are using the secure HTTP option (HTTPS) or SSL/TLS. If both RSA and DSA private

keys are downloaded to the IOLAN, they need to be generated using the same SSL

passphrase for both to work.

Description Sets the default SSL/TLS parameters for the server.

User Level Admin

Syntax set ssl server [version any|tslv1|sslv3] [type client|server]

[verify-peer on|off]

[validation-criteria

country <code>|state-province <text>|locality <text>

|organisation <text>|organisation-unit <text>

|common-name <text>|email <email_addr>]

Options version

Specify whether you want to use:

zAny—The IOLAN will try a TLSv1 connection first. If that fails, it will try an

SSLv3 connection. If that fails, it will try an SSLv2 connection.

zTLSv1—The connection will use only TLSv1.

zSSLv3—The connection will use only SSLv3.

The default is Any.

type

Specify whether the IOLAN will act as an SSL/TLS client or server. The default is

Client.

verify-peer

Enable this option when you want the Validation Criteria to match the Peer Certificate

for authentication to pass. If you enable this option, you need to download an SSL/TLS

certificate authority (CA) list file to the IOLAN.