附录 B:默认前端和后端 SSL 配置文件设置
默认前端配置文件具有以下设置:
sh ssl profile ns_default_ssl_profile_frontend
1)Name: ns_default_ssl_profile_frontend
Configuration for Front-End SSL profile
DH: DISABLED
Ephemeral RSA: ENABLED Refresh Count: 0
Session Reuse: ENABLED Timeout: 120 seconds
Non FIPS Ciphers: DISABLED
Cipher Redirect: ENABLED Redirect URL: http://10.102.28.212/redirect.html
Client Auth: DISABLED
SSL Redirect: DISABLED
SNI: DISABLED
SSLv3: DISABLED TLSv1.0: ENABLED TLSv1.1: ENABLED TLSv1.2: ENABLED
Push Encryption Trigger: Always
PUSH encryption trigger timeout: 1 ms
Send Close-Notify: YES
Push flag: 0x0 (Auto)
Deny SSL Renegotiation NO
SSL quantum size: 8 kB
Strict CA checks: NO
Encryption trigger timeout 100 mS
Encryption trigger packet count: 45
Use only bound CA certificates: DISABLED
Subject/Issuer Name Insertion Format: Unicode
Strict Host Header check for SNI enabled SSL sessions: NO
ECC Curve: P_256, P_384, P_521
1) Cipher Name: AES Priority :2
Description: Predefined Cipher Alias
1) Vserver Name: v1
2) Vserver Name: nshttps-::1l-443
3) Vserver Name: nsrpcs-::1l-3008
4) Vserver Name: nskrpcs-127.0.0.1-3009
5) Vserver Name: nshttps-127.0.0.1-443
6) Vserver Name: nsrpcs-127.0.0.1-3008
Done
<!--NeedCopy-->
默认后端配置文件具有以下设置:
sh ssl profile ns_default_ssl_profile_backend
1)Name: ns_default_ssl_profile_backend
Configuration for Back-End SSL profile
Session Reuse: ENABLED Timeout: 300 seconds
Non FIPS Ciphers: DISABLED
Server Auth: DISABLED
SSLv3: DISABLED TLSv1.0: ENABLED TLSv1.1: DISABLED TLSv1.2: DISABLED
Push Encryption Trigger: Always
PUSH encryption trigger timeout: 1 ms
Send Close-Notify: YES
Push flag: 0x0 (Auto)
Deny SSL Renegotiation ALL
SSL quantum size: 8 kB
Strict CA checks: NO
Encryption trigger timeout 100 mS
Encryption trigger packet count: 45
Use only bound CA certificates: DISABLED
ECC Curve: P_256, P_224, P_521
1) Cipher Name: AES Priority :1
Description: Predefined Cipher Alias
2) Cipher Name: RC4 Priority :2
Description: Predefined Cipher Alias
1) Service Name: s2
2) Service Name: s1
Done
<!--NeedCopy-->
附录 B:默认前端和后端 SSL 配置文件设置
已复制!
失败!