Operation Manual – SSL-HTTPS
H3C S3610&S5510 Series Ethernet Switches

Chapter 1 SSL Configuration

When configuring SSL, go to these sections for information you are interested in:

- SSL Overview
- SSL Configuration Task List
- Displaying and Maintaining SSL
- Troubleshooting SSL

1.1 SSL Overview

Secure Sockets Layer (SSL) is a security protocol that provides secure connection services for TCP-based application layer protocols, for example, HTTP. It is widely used in e-business and online banking to provide secure data transmission over the Internet.

SSL provides these security services:

- Confidentiality: SSL encrypts data using a symmetric encryption algorithm and the key generated during the handshake phase.
- Authentication: SSL supports authenticating both the server and the client through certificates, with the authentication of the client being optional.
- Reliability: SSL uses a key-based message authentication code (MAC) to verify message integrity.

As shown in Figure 1-1, the SSL protocol consists of two layers of protocols: the SSL record protocol at the lower layer, and the SSL handshake protocol, change cipher spec protocol, and alert protocol at the upper layer.

Figure 1-1 SSL protocol stack

- SSL handshake protocol: Responsible for establishing a session between a client and the server. A session consists of a set of parameters such as the session ID, peer certificate, cipher suite (including key exchange algorithm, data encryption algorithm and MAC algorithm), compression algorithm, and master key. An SSL session can be used to establish multiple connections, reducing session negotiation cost.
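
The two-layer structure described above is visible on the wire: each record protocol header carries a content type that names the upper-layer protocol inside it. The Python parser below is an added example, not part of the H3C manual. The function name `parse_records` and the sample bytes are constructed for illustration, and the numeric content-type, handshake-type and alert codes are taken from the SSL 3.0/TLS specifications rather than from this page.

```python
import struct

# Content types carried by the record protocol: the three upper-layer
# protocols named above, plus application data (e.g. HTTP).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
HANDSHAKE_TYPES = {1: "client_hello", 2: "server_hello", 11: "certificate",
                   14: "server_hello_done", 16: "client_key_exchange"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
MAX_RECORD = 2**14 + 2048  # largest ciphertext fragment a record may carry

def parse_records(stream: bytes):
    """Parse one direction of a connection. Returns (records, leftover)."""
    records, offset, encrypted = [], 0, False
    while len(stream) - offset >= 5:
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, offset)
        if ctype not in CONTENT_TYPES or length > MAX_RECORD:
            raise ValueError(f"malformed record header at offset {offset}")
        body = stream[offset + 5:offset + 5 + length]
        if len(body) < length:
            break  # partial record: keep the bytes until more arrive
        name = CONTENT_TYPES[ctype]
        if encrypted:
            detail = "encrypted"  # payload is opaque after change_cipher_spec
        elif name == "handshake" and length >= 4:
            detail = HANDSHAKE_TYPES.get(body[0], f"type_{body[0]}")
        elif name == "alert" and length == 2:
            detail = f"{ALERT_LEVELS.get(body[0], 'unknown')}:{body[1]}"
        else:
            detail = ""
        if name == "change_cipher_spec":
            encrypted = True  # sender switches to the negotiated cipher suite
        records.append((name, (major, minor), length, detail))
        offset += 5 + length
    return records, stream[offset:]

# Constructed sample bytes (not a real capture); handshake bodies are stubs.
SAMPLE = bytes.fromhex(
    "1603000008" "0100000400000000"  # handshake: client_hello, 4-byte stub body
    "1503000002" "0129"              # alert: warning, description 41
    "1403000001" "01"                # change_cipher_spec
    "1603000004" "deadbeef"          # handshake record, now encrypted
    "1703000010" "abcd"              # application_data, truncated after 2 bytes
)

if __name__ == "__main__":
    print(*parse_records(SAMPLE), sep="\n")
```

Handshake and alert records are readable only until the change cipher spec record appears; after it, a monitoring tool sees the content type and length of each record but not its payload.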