bind ssl-policy (DCN view)

Function

The bind ssl-policy command binds a Secure Sockets Layer (SSL) policy to a DCN device.

The undo bind ssl-policy command deletes the binding.

By default, no SSL policy is bound to a DCN device.

Format

bind ssl-policy ssl-policy-name

undo bind ssl-policy

Parameters

Parameter	Description	Value
ssl-policy-name	Specifies the name of an SSL policy.	The value is a string of 1 to 23 characters that can contain case-insensitive letters, underscores (_), and digits.

Parameter

Description

Value

ssl-policy-name

Specifies the name of an SSL policy.

The value is a string of 1 to 23 characters that can contain case-insensitive letters, underscores (_), and digits.

Views

DCN view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
dcn	write

Usage Guidelines

Usage Scenario

To improve the security for TCP connections between a GNE and its connected NMSs, run the bind ssl-policy command to bind an SSL policy to a DCN device.

Prerequisites

The DCN feature has been enabled globally using the dcn command in the system view.

The certificate of the SSL policy to be bound has been loaded to the NMSs and GNE using the certificate load command. The SSL policy has been configured using the ssl policy command.

Precautions

This command is supported only on the admin VS.

Two NEs on a same subnet cannot have the same NEID. Otherwise, network flapping occurs, and DCN connections cannot be established.

Example

# Bind the SSL policy named policy1 to DCN.

<HUAWEI> system-view
[~HUAWEI] ssl policy policy1
[*HUAWEI-ssl-policy-policy1] quit
[*HUAWEI] dcn
[*HUAWEI-dcn] set compatible mode
[*HUAWEI-dcn] bind ssl-policy policy1