Product Documentation

Configuring Close-Notify

Sep 01, 2016

A close-notify is a secure message that indicates the end of SSL data transmission. A close-notify setting is required at the global level. This setting applies to all virtual servers, services, and service groups. For information about the global setting, see Configuring Advanced SSL Settings.

In addition to the global setting, you can set the close-notify parameter at the virtual server, service, or service group level. You therefore have the flexibility of setting the parameter for one entity and unsetting it for another entity. However, make sure that you set this parameter at the global level. Otherwise, the setting at the entity level does not apply.

To configure close-notify at the entity level by using the command line interface

At the command prompt, type any of the following commands to configure close-notify and verify the configuration:

  1. To configure close-notify at the virtual server level, type:
    • set ssl vserver <vServerName> -sendCloseNotify ( YES | NO )
    • show ssl vserver <vServerName>
  2. To configure close-notify at the service level, type:
    • set ssl service <serviceName> -sendCloseNotify ( YES | NO )
    • show ssl service <serviceName>
  3. To configure close-notify at the service group level, type:
    • set ssl serviceGroup <serviceGroupName> -sendCloseNotify ( YES | NO )
    • show ssl serviceGroup <serviceGroupName>

Example

 
> set ssl vserver sslvsvr -sendCloseNotify YES 
 Done

To configure close-notify at the entity level by using the configuration utility

  1. Navigate to Traffic Management > Load Balancing > Virtual Servers, and open a virtual server.
  2. In the SSL Parameters section, select Send Close-Notify.