display ssl policy

Function

The display ssl policy command displays the Secure Sockets Layer (SSL) policy configuration.

Format

display ssl policy [ policyName ]

Parameters

Parameter	Description	Value
policyName	Specifies the name of an SSL policy. If no SSL policy is specified, the configurations of all SSL policies will be displayed.	The value is a string of 1 to 23 case-insensitive characters, containing letters, digits, and underscores (_), spaces not supported.

Parameter

Description

Value

policyName

Specifies the name of an SSL policy.

If no SSL policy is specified, the configurations of all SSL policies will be displayed.

The value is a string of 1 to 23 case-insensitive characters, containing letters, digits, and underscores (_), spaces not supported.

Views

All views

Default Level

1: Monitoring level

Task Name and Operations

Task Name	Operations
ssl	read

Usage Guidelines

After loading SSL policies and certificates, you can run the display ssl policy command to view the configurations, including the SSL policy name, service to which an SSL policy is applied, certificate name, and certificate type. The command output shows whether the SSL policies and certificates are available.

Example

The actual command output varies according to the device. The command output here is only an example.

# Display the configuration of the SSL policy named policy1.

<HUAWEI> display ssl policy policy1
       SSL Policy Name: policy1
     Policy Applicants: HTTP-CLIENT
         Key-pair Type: DSA
 Certificate File Type: PEM
      Certificate Type: certificate
  Certificate Filename: a_servercertchain2_pem_dsa.pem
     Key-file Filename: a_serverkeychain2_pem_dsa.pem
             auth-code: ******
                   MAC: ******
           Issuer name: huawei
          Subject name: server
   Validity Not Before: 2008-08-04 08:24:16Z
    Validity Not After: 2018-08-02 08:24:16Z
              CRL File:
       Trusted-CA File:

**Table 1** Description of the **display ssl policy** command output
Item	Description
SSL Policy Name	Name of an SSL policy.
Policy Applicants	Service to which an SSL policy is applied. Currently, SSL policies can be applied to HTTP services.
Key-pair Type	Key pair type: RSA. DSA. ECC. SM2. To ensure high security, do not use the RSA key pair whose length is less than 2048 digits.
Certificate File Type	Certificate format: PEM. ASN1. PFX.
Certificate Type	Certificate type: Certificate. Certificate-chain.
Certificate Filename	Name of a certificate.
Key-file Filename	Name of a key pair file.
Issuer name	Name of the certificate issuer.
Subject name	Subject name of the certificate user.
Validity Not Before	Start Time of Validity Period.
Validity Not After	End Time of Validity Period.
CRL File	CRL File.
Trusted-CA File	Trusted-CA file.
auth-code	Authentication code of the key pair file.
MAC	Message authentication code.