Cisco IOS XR System Security Command Reference, Release 3.2
Secure Socket Layer Protocol Commands on Cisco IOS XR Software
Download this chapter
Secure Socket Layer Protocol Commands on Cisco IOS XR SoftwareSecure Socket Layer Protocol Commands on Cisco IOS XR Software
Download the complete book
sr32book.pdfsr32book.pdf (PDF - 2 MB)
give_us_feedback

Table Of Contents

Secure Socket Layer Protocol Commands on Cisco IOS XR Software

show ssl


Secure Socket Layer Protocol Commands on Cisco IOS XR Software

This chapter describes the Cisco IOS XR software commands used to configure the Secure Socket Layer (SSL) protocol.

For detailed information about SSL concepts, configuration tasks, and examples, see the Implementing Secure Socket Layer on Cisco IOS XR Software configuration module.

show ssl

To display active Secure Socket Layer (SSL) sessions, use the show ssl command in EXEC mode.

show ssl [process-id]

Syntax Description

process-id

(Optional) Process ID (PID) of the SSL application. The range is from 1 to 1000000000.


Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modification.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

To display a specific process, enter its process ID number. To get a specific process ID number, enter run pidin from the command line or from a shell.

The absence of any argument produces a display that shows all processes that are running SSL.

Examples

The following sample output is from the show ssl command: 

RP/0/RP0/CPU0:router# show ssl


PID			Method			Type			Peer					Port		Cipher-Suite 
============================================================================


1261711			sslv3			Server			172.16.0.5					1296		DES-CBC3-SHA

Table 15 describes the significant fields shown in the display.

Table 15 show ssl Field Descriptions 

Field
Description

PID

Process ID of the SSL application.

Method

Protocol version (sslv2, sslv3, sslv23, or tlsv1).

Type

SSL client or server.

Peer

IP address of the SSL peer.

Port

Port number on which the SSL traffic is sent.

Cipher-Suite

Exact cipher suite chosen for the SSL traffic. The first portion indicates the encryption, the second portion the hash or integrity method. In the sample display, the encryption is Triple DES and the Integrity (message digest algorithm) is SHA.


Related Commands

Command
Description

run pidin

Displays the process ID for all processes that are running.