Operation Manual – SSL-HTTPSH3C S5500-EI Series Ethernet Switches Chapter 1 SSL Configuration1-2z SSL change cipher spec protocol: Used for notification between a client and theserver that the subsequent packets are to be protected and transmitted based onthe newly negotiated cipher suite and key.z SSL alert protocol: Allowing a client and the server to send alert messages to eachother. An alert message contains the alert severity level and a description.z SSL record protocol: Fragmenting and compressing data to be transmitted,calculating and adding MAC to the data, and encrypting the data beforetransmitting it to the peer end.1.2 SSL Configuration Task ListDifferent parameters are required on the SSL server and the SSL client.Complete the following tasks to configure SSL:Task RemarksConfiguring an SSL Server Policy RequiredConfiguring an SSL Client Policy Optional1.3 Configuring an SSL Server PolicyAn SSL server policy is a set of SSL parameters for a server to use when booting up. AnSSL server policy takes effect only after it is associated with an application layerprotocol, HTTP protocol, for example.1.3.1 Configuration PrerequisitesBefore configuring an SSL server policy, you must configure a PKI (public keyinfrastructure) domain.1.3.2 Configuration ProcedureFollow these steps to configure an SSL server policy:To do... Use the command... RemarksEnter system view system-view —Create an SSL serverpolicy and enter itsviewssl server-policypolicy-name RequiredSpecify a PKI domainfor the SSL serverpolicypki-domain domain-nameRequiredBy default, no PKI domain isspecified for an SSL serverpolicy.