The ssl-auth-fail threshold-alarm command configures an alarm generation threshold for the number of SSL authentication failures within 60s.
The undo ssl-auth-fail threshold-alarm command restores the default threshold.
By default, an alarm is generated when the number of SSL authentication failures reaches or exceeds 10 within 60s.
Usage Scenario
To configure an alarm generation threshold for the number of SSL authentication failures within 60s, run the ssl-auth-fail threshold-alarm command. If the number of SSL authentication failures reaches or exceeds the specified report-times within 60s, an alarm (hwIpRanSSLAuthFailure) is generated, requiring administrator intervention.
The conditions for alarm generation are as follows:Prerequisites
DCN has been enabled globally using the dcn command in the system view.
Run the set compatible mode command to enable the DCN compatible modePrecautions
This command is supported only by the admin VS.
Two NEs on a same subnet cannot have the same NEID. Otherwise, network flapping occurs, and DCN connections cannot be established.<HUAWEI> system-view [~HUAWEI] dcn [*HUAWEI-dcn] quit [~HUAWEI] ssl policy ftp_server [~HUAWEI-ssl-policy-ftp_server] certificate load asn1-cert servercert.der key-pair rsa key-file serverkey.der [~HUAWEI-ssl-policy-ftp_server] quit [~HUAWEI] dcn [*HUAWEI-dcn] ssl-auth-fail threshold-alarm report-times 20