キャンセル
次の結果を表示 
次の代わりに検索 
もしかして: 
cancel
1817
閲覧回数
0
いいね!
1
返信

TLS/SSL expiration check on ESA?

bsrinu001
Level 1
Level 1

Hi Team, 

 

Could you please let us know how to check the TLS/SSL expiration status on ESA C670 also TLS communication will hapen by cipher keys right? whlie TLS neogiation. 

how many Ciphers/ Expiration dates for them? how to check? please calrity ASAP. Many Thanks 

1件の返信1

dmccabej
Cisco Employee
Cisco Employee

Hello,

 

Certificate expiration date(s) can be checked within the GUI by navigating to Network --> Certificates. On that page you'll be able to see the expiration date for each certificate installed on the appliance. 

 

+++certconfig.jpg

+++

 

For the SSL/TLS procotols themselves, you can also review this information within the GUI by navigating to System Administration --> SSL Configuration. From there, you'll be able to see which protcols are being used for which services along with the current cipher string. 

 

+++

ssl_config.jpg

+++

 

Finally, to see which ciphers would actually be offered in the SSL/TLS communication, you can take that cipher string and then paste it into the CLI using the sslconfig --> verify commands.

 

As an example:

 

 

hermes.test.local (SERVICE)> sslconfig

Choose the operation you want to perform:
- GUI - Edit GUI HTTPS ssl settings.
- INBOUND - Edit Inbound SMTP ssl settings.
- OUTBOUND - Edit Outbound SMTP ssl settings.
- VERIFY - Verify and show ssl cipher list.
[]> verify
Enter the ssl cipher you want to verify. []> ALL:-aNULL:-EXPORT

 

Hopefully that helps! Let me know if you need anything clarified.

 

Thanks!

-Dennis M.