Feedback
Secure Socket Layer Protocol Commands
This module describes the commands used to configure the Secure Socket Layer (SSL) protocol.
For detailed information about SSL concepts, configuration tasks, and examples, see the Implementing Secure Socket Layer on Cisco IOS XR Software module in the Cisco IOS XR System Security Configuration Guide for the Cisco XR 12000 Series Router.
show ssl
Syntax Description
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
To display a specific process, enter the process ID number. To get a specific process ID number, enter run pidin from the command line or from a shell.
The absence of any argument produces a display that shows all processes that are running SSL.
Task ID
Examples
The following sample output is from the show ssl command:
RP/0/0/CPU0:router# show ssl PID Method Type Peer Port Cipher-Suite ============================================================================ 1261711 sslv3 Server 172.16.0.5 1296 DES-CBC3-SHATable 1 describes the fields shown in the display.
Table 1 show ssl Field Descriptions Field
Description
PID
Process ID of the SSL application.
Method
Protocol version (sslv2, sslv3, sslv23, or tlsv1).
Type
SSL client or server.
Peer
IP address of the SSL peer.
Port
Port number on which the SSL traffic is sent.
Cipher-Suite
Exact cipher suite chosen for the SSL traffic. The first portion indicates the encryption, the second portion the hash or integrity method. In the sample display, the encryption is Triple DES and the Integrity (message digest algorithm) is SHA.