1-2z For details about symmetric key algorithms, asymmetric key algorithm RSA and digital signature,refer to Public Key Configuration in the Security Volume.z For details about PKI, certificate, and CA, refer to PKI Configuration in the Security Volume.SSL Protocol StackAs shown in Figure 1-2, the SSL protocol consists of two layers of protocols: the SSL record protocol atthe lower layer and the SSL handshake protocol, change cipher spec protocol, and alert protocol at theupper layer.Figure 1-2 SSL protocol stackz SSL handshake protocol: As a very important part of the SSL protocol stack, it is responsible fornegotiating the cipher suite to be used during communication (including the symmetric encryptionalgorithm, key exchange algorithm, and MAC algorithm), exchanging the key between the serverand client, and implementing identity authentication of the server and client. Through the SSLhandshake protocol, a session is established between a client and the server. A session consists ofa set of parameters, including the session ID, peer certificate, cipher suite, and master secret.z SSL change cipher spec protocol: Used for notification between a client and the server that thesubsequent packets are to be protected and transmitted based on the newly negotiated ciphersuite and key.z SSL alert protocol: Allowing a client and the server to send alert messages to each other. An alertmessage contains the alert severity level and a description.z SSL record protocol: Fragmenting and compressing data to be transmitted, calculating and addingMAC to the data, and encrypting the data before transmitting it to the peer end.SSL Configuration Task ListDifferent parameters are required on the SSL server and the SSL client.Complete the following tasks to configure SSL:Task RemarksConfiguring an SSL Server Policy RequiredConfiguring an SSL Client Policy Optional