< Home

ssl minimum version

Function

The ssl minimum version command configures a minimum SSL version for an SSL policy.

The undo ssl minimum version command restores the default version.

By default, the minimum SSL version used by an SSL policy is TLS1.2.

Format

ssl minimum version { tls1.1 | tls1.2 }

undo ssl minimum version

Parameters

Parameter Description Value

tls1.1

Sets the minimum SSL version to TLS1.1 for an SSL policy.

-

tls1.2

Sets the minimum SSL version to TLS1.2 for an SSL policy.

-

Views

SSL policy view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

To configure a minimum SSL version for an SSL policy, run the ssl minimum version command so that service modules can flexibly adopt the SSL policy.

The SSL versions supported by SSL policies include TLS1.1 and TLS1.2 in ascending order of security.

Precautions

The system software does not support the tls1.0 parameter. To use the tls1.0 parameter, you need to install the WEAKEA plug-in. For higher security purposes, you are advised to specify the tls1.2 parameter.

Example

# Configure the minimum SSL version for the SSL policy ftp_server to be TLS1.2.

<HUAWEI> system-view
[HUAWEI] ssl policy ftp_server
[HUAWEI-ssl-policy-ftp_server] ssl minimum version tls1.2
Parent Topic: File Management Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >