Dell Force10 S25N-S50N Microsoft Word - s-series-secure-management - Page 5

S-Series Secure Management Certificate file transfer operation completed successfully SFTOS #copy tftp://192.168.0.10/rootcert.pem nvram:sslpem-root Mode TFTP Set TFTP Server IP 192.168.0.10 TFTP Path TFTP Filename rootcert.pem Data Type SSL Root cert Management access will be blocked for the duration of the transfer Are you sure you want to start? (y/n) y TFTP SSL certificate receive complete... updating certificate file... Certificate file transfer operation completed successfully 3. Enable the HTTPS server with this command. SFTOS Version = 2.3.1 (SFTOS) #ip http secure-server SFTOS (Config)#ip http secure-server enable To verify that the server has started, use this command to show the HTTPS server status and check the log file for the following messages. SFTOS #show ip http Java Mode: Disabled HTTP Mode (Unsecure): Disabled HTTP Mode (Secure): Enabled Secure Port: 443 Secure Protocol Level(s): TLS1 SSL3 SFTOS #show logging buffered JAN 01 01:16:19 192.168.0.34-1 UNKN[209189968]: sslt_util.c(321) 39 %% SSLT: Successfully loaded all required SSL PEM files Using a web browser, connect to the switch using an https:// URL and login to verify that the SSL server is working. The padlock icon on your browser should indicate an encrypted connection. If you used the example certificates, your browser will display a warning that it cannot verify the authenticity of the certificate. This is because the example certificates have not been certified by a Certification Authority. When certificates are acquired from a Certification Authority and loaded on the switch this warning will not occur. 4. Once you have verified that you can connect to the switch with a web browser, the HTTP server can be disabled with this command for additional security if it was enabled previously. The HTTP server is disabled by default. SFTOS Version = 2.3.1 (SFTOS) #no ip http server SFTOS (Config)#no ip http server enable - 5 -