< Home

ssl minimum version

Function

The ssl minimum version command configures a minimum SSL version for an SSL policy.

The undo ssl minimum version command restores the default version.

By default, the minimum SSL version used by an SSL policy is TLS1.2.

Format

ssl minimum version { tls1.0 | tls1.1 | tls1.2 }

undo ssl minimum version

Parameters

Parameter Description Value

tls1.0

Sets the minimum SSL version to TLS1.0 for an SSL policy.

-

tls1.1

Sets the minimum SSL version to TLS1.1 for an SSL policy.

-

tls1.2

Sets the minimum SSL version to TLS1.2 for an SSL policy.

-

Views

SSL policy view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

To set a minimum SSL version for an SSL policy, run the ssl minimum version command, which meets service modules' flexible requirements on the version of an SSL policy.

TLS1.0 and TLS1.1 have security risks. TLS1.2 is recommended.

The SSL versions supported by an SSL policy include TLS1.0, TLS1.1 and TLS1.2 in ascending order of security.

Example

# Set the minimum SSL version to TLS1.2 for the SSL policy named ftp_server.

<sysname> system-view
[sysname] ssl policy ftp_server
[sysname-ssl-policy-ftp_server] ssl minimum version tls1.2
Parent Topic: File Transfer Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >