ecdh group

Function

The ecdh group command configures elliptic curve parameter values for ECDHE algorithm suite.

The undo ecdh group command restores the default values of the parameters of the elliptic curve.

By default, the default elliptic curve parameter values of the ECDHE algorithm are Curve and Brainpool.

Format

ecdh group { nist | curve | brainpool } *

undo ecdh group

Parameters

Parameter Description Value
nist

Sets the parameter value of the elliptic curve to Nist.

-
curve

Sets the parameter value of the elliptic curve to Curve.

-
brainpool

Sets the elliptic curve parameter to Brainpool.

-

Views

SSL policy view

Default Level

3: Management level

Task Name and Operations

Task Name Operations
ssl write

Usage Guidelines

Usage Scenario

You can run this command to modify the elliptic curve parameter settings of the ECDHE algorithm.

Precautions

One or more elliptic curve parameter values can be configured for ECDHE.

The configured elliptic curve parameter values take effect only after the ECDHE algorithm suite is obtained through SSL negotiation.

Example

# Configure the ecdh group parameter for an SSL policy.
<HUAWEI> system-view
[~HUAWEI] ssl policy a
[*HUAWEI-ssl-policy-a] ecdh group nist curve brainpool
Parent Topic: SSL Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >