configure radius tls ocsp nonceNEW!
Description
Enables or disables Online Certificate Status Protocol (OCSP) nonce for RADIUS TLS servers.
Syntax Description
tls | Specifies Transport Layer Security (TLS). |
ocsp | Specifies the OCSP attribute. |
nonce | Specifies to cryptographically bind an OCSP request and an OCSP response with the extension id-pkix-ocsp-nonce to prevent replay attacks. |
on | Specifies to include the id-pkix-ocsp-nonce extension in the OCSP request and response. |
off | Specifies to exclude the extension (default). |
Default
Off.
Usage Guidelines
Example
The following example configures nonce:
# configure radius tls ocsp nonce on
History
This command was first available in ExtremeXOS 32.2.
Platform Availability
This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.