configure radius tls ocsp nonceNEW!

configure radius tls ocsp nonce [on | off]

Description

Enables or disables Online Certificate Status Protocol (OCSP) nonce for RADIUS TLS servers.

Syntax Description


tls	Specifies Transport Layer Security (TLS).
ocsp	Specifies the OCSP attribute.
nonce	Specifies to cryptographically bind an OCSP request and an OCSP response with the extension `id-pkix-ocsp-nonce` to prevent replay attacks.
on	Specifies to include the `id-pkix-ocsp-nonce` extension in the OCSP request and response.
off	Specifies to exclude the extension (default).

Default

Off.

Usage Guidelines

Example

The following example configures nonce:

# configure radius tls ocsp nonce on

History

This command was first available in ExtremeXOS 32.2.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.

Switching

Routing

Wireless

Management & Automation

Analytics & Visibility

Security & Access Control

Remote

Cloud

Security

Machine Learning

Campus Fabric

Data Center Fabric

Internet of Things

Wi-Fi 6

Primary & Secondary Education (K-12)

Retail

Service Providers

Federal Government

Manufacturing

Higher Education

Healthcare

Hospitality

State & Local Government

Sports & Public Venues

Support Portal

Knowledge Base

Documentation

End of Sale

Policies & Warranties

Training & Courses

Maintenance Services

Premier Services

Professional Services

Managed Services