Command Line Interface Reference Guide > The SLB Configuration Menu
/cfg/slb/ssl/authpol/seract
Authentication Policy server certificate action Menu
The commands in the Authentication Policy server certificate action menu specify how Alteon responds to client authentication policy validity issues.
 
[Authentication Policy 555 server certificate action Menu]
expired - Set behavior for expired server certificate
mismatch - Set behavior for server certificate host mismatch
untrust - Set behavior for un-trusted server certificate
cur - Display current server certificate action configuration
 
Authentication Policy server certificate action Menu (/cfg/slb/ssl/authpol/seract) 
Command Syntax and Usage
expired reject|ignore
 
Specifies the action performed on receiving an expired certificate from the server.
Values:
*reject — Alteon rejects the handshake to the server and sends the following message to the client: Expired SSL Server Certificate
*ignore — Alteon continues the SSL session establishment. If this is an outbound SSL Inspection flow, Alteon sends to the client an on-the-fly generated certificate with the expired value, allowing the client to decide whether to accept the handshake or not.
Default: ignore
mismatch reject|ignore
 
Specifies the action performed when a host mismatch is detected between the certificate Common Name and SNI value.
Values:
*reject — Alteon rejects the handshake to the server and sends the following message to the client: SSL Server Certificate Host Mismatch
*ignore — Alteon continues the SSL session establishment. If this is an outbound SSL Inspection flow, Alteon sends to the client an on-the-fly generated certificate with the same host as in the original certificate, allowing the client to decide whether to accept the handshake or not.
Default: ignore
untrust reject|ignore
 
Specifies the action performed on receiving a server certificate signed by an untrusted issuer.
Values:
*reject — Alteon rejects the handshake to the server and sends the following message to client: Untrusted SSL Server Certificate
*ignore — Alteon continues the SSL session establishment. If this is an outbound SSL Inspection flow, Alteon sends to the client an on-the-fly self-signed certificate (untrusted), allowing the client to decide whether to accept the handshake or not.
Default: reject
cur
 
Displays the current client authentication policy configuration.