1-6z For details about PKI configuration commands, refer to PKI Commands in the Security Volume.z For details about the public-key local create rsa command, refer to Public Key Commands in theSecurity Volume.z For details about HTTPS, refer to HTTP Configuration in the System Volume.Configuring an SSL Client PolicyAn SSL client policy is a set of SSL parameters for a client to use when connecting to the server. An SSLclient policy takes effect only after it is associated with an application layer protocol.Configuration PrerequisitesIf the SSL server is configured to authenticate the SSL client, when configuring the SSL client policy,you need to specify the PKI domain to be used for obtaining the certificate of the client. Therefore,before configuring an SSL client policy, you must configure a PKI domain. For details about PKI domainconfiguration, refer to PKI Configuration in the Security Volume.Configuration ProcedureFollow these steps to configure an SSL client policy:To do… Use the command… RemarksEnter system view system-view —Create an SSL client policy andenter its view ssl client-policy policy-name RequiredSpecify a PKI domain for the SSLclient policy pki-domain domain-nameRequiredNo PKI domain is configured bydefault.Specify the preferred cipher suitefor the SSL client policyprefer-cipher{ rsa_aes_128_cbc_sha |rsa_des_cbc_sha |rsa_rc4_128_md5 |rsa_rc4_128_sha }Optionalrsa_rc4_128_md5 by defaultSpecify the SSL protocol versionfor the SSL client policy version { ssl3.0 | tls1.0 } OptionalTLS 1.0 by defaultIf you enable client authentication on the server, you must request a local certificate for the client.Displaying and Maintaining SSLTo do… Use the command… RemarksDisplay SSL server policy display ssl server-policyAvailable in any view