SSL Template Configuration Mode Commands

The SSL Template Configuration Mode is used to configure an SSL cryptographic policy. It includes most of the SSL parameters for cryptographic and authentication algorithms.

A P-CSCF service for SSL access will not function without a configured SSL template. Only one SSL template can be configured per P-CSCF service.

IMPORTANT:

The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).

ca-certificate

Specifies a list of ca-certificates.

Platform:

ASR 5000

Product:

SCM (P-CSCF, A-BG)


Privilege:

Administrator


Syntax 
ca-certificate list name
list name

Specifies the name(s) of ca-certificate(s), which can be an alpha and/or numeric string of 1 to 129 characters.


Usage:

Use this command to specify a list of ca-certificates for the SSL template.


Example:
The following command specifies the ca-certificate ca_certificate_1 for the SSL template:
ca-certificate list ca_certificate_1
certificate

Used to bind an X.509 trusted certificate to the SSL template.

Platform:

ASR 5000

Product:

SCM (P-CSCF, A-BG)


Privilege:

Administrator


Syntax 
certificate name
name

Specifies the name of a certificate, which can be an alpha and/or numeric string of 1 to 127 characters.


Usage:

Use this command to bind an X.509 certificate to the SSL template.


Example:
The following command binds the X.509 certificate certificate_1 to the SSL template:
certificate certificate_1
cipher-suites

Specifies a list of SSL cipher suites.

Platform:

ASR 5000

Product:

SCM (P-CSCF, A-BG)


Privilege:

Administrator


Syntax 
cipher-suites list name
list name

Specifies the name of an SSL cipher suite, which can be an alpha and/or numeric string of 1 to 127 characters.


Usage:

Use this command to specify an SSL cipher suite for the SSL template.

IMPORTANT:

Currently, the system supports only one SSL cipher suite per SSL template.


Example:
The following command specifies the SSL cipher suite cipher_suite_1 for the SSL template:
cipher-suites list cipher_suite_1
end

Exits the current configuration mode and returns to the Exec mode.

Product:

All


Privilege:

Security Administrator, Administrator


Syntax 
end

Usage:

Use this command to return to the Exec mode.

exit

Exits the current mode and returns to the parent configuration mode.

Product:

All


Privilege:

Security Administrator, Administrator


Syntax 
exit

Usage:

Use this command to return to the parent configuration mode.

version

Specifies the supported version(s) of SSL protocol on the P-CSCF/A-BG.

Platform:

ASR 5000

Product:

SCM (P-CSCF, A-BG)


Privilege:

Administrator


Syntax 
version list { tlsv1 }default version
list { tlsv1 }

Specifies the supported version of SSL protocol to be TLS v0.1.

default

Sets the supported version of SSL protocol to its default value of TLS v0.1.


Usage:

Use this command to specify the supported version(s) of SSL protocol on the P-CSCF/A-BG. Currently, there is only one supported version of SSL protocol, which is TLS v0.1.


Example:
The following command sets the supported version of SSL protocol to TLS v0.1:
version list tlsv1