Huawei SNS switch (OEM Brocade FC switches) Fabric OS: v 8 version of the browser to access the switch Webtools display solutions no matching cipher suites by way of https

1, when accessed through Firefox Tip: 10.77.77.77 connection when an error occurs. Unable to communicate securely end with a peer: no encryption algorithm common to both. Error Code: SSL_ERROR_NO_CYPHER_OVERLAP

2, the process

Check the switch command seccryptocfg --show TLS encryption algorithm suite:

--------------------------------------------------------------------------------------------------------

SNS2624_D12:admin> seccryptocfg --show
SSH Crypto:
SSH Cipher : aes128-ctr,aes192-ctr,aes256-ctr
SSH Kex : ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
SSH MAC : hmac-sha1,hmac-sha2-256,hmac-sha2-512
TLS Ciphers:
HTTPS : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM:!SSLv3
RADIUS : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
LDAP : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
SYSLOG : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
TLS Protocol:
HTTPS : Any
RADIUS : Any
LDAP : Any
SYSLOG : Any
X509v3:
Validation : Basic
SNS2624_D12:admin>

--------------------------------------------------------------------------------------------------------

Visible is configured too strong encryption algorithm suite.

2, the encryption algorithm landing switch into general retry just fine (Brocade factory default settings when 8.1.0b version of the algorithm for strong template):
seccryptocfg --apply default_generic

--------------------------------------------------------------------------------------------------------

SNS2624_D12:admin> seccryptocfg --apply default_generic
Validating....
Applying...

Template configurations applied successfully
SNS2624_D12:admin>

--------------------------------------------------------------------------------------------------------

3. Check again:

--------------------------------------------------------------------------------------------------------

SNS2624_D12:admin> seccryptocfg --show
SSH Crypto:
SSH Cipher : aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
SSH Kex : ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
SSH MAC : hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512
TLS Ciphers:
HTTPS : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
RADIUS : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
LDAP : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
SYSLOG : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
TLS Protocol:
HTTPS : Any
RADIUS : Any
LDAP : Any
SYSLOG : Any
X509v3:
Validation : Basic
SNS2624_D12:admin>

--------------------------------------------------------------------------------------------------------

SNS2624_D12:admin> seccryptocfg --lstemplates

Templates of List:
default_generic ## General encryption algorithms become the first line, indicating that already changing for the better
default_fips
default_cc
default_strong

--------------------------------------------------------------------------------------------------------

4, try again:

Have normal access, you can manage the java tool

Huawei SNS switch (OEM Brocade FC switches) Fabric OS: v 8 version of the browser to access the switch Webtools display solutions no matching cipher suites by way of https

Guess you like