HP 6125G HP 6125G & 6125G/XG Blade Switches Fundamentals Configuration - Page 62
Associate the HTTPS, policy-name, Security Configuration Guide, port-number
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 62 highlights
Step Command 2. Associate the HTTPS service with an SSL server ip https ssl-server-policy policy. policy-name 3. Enable the HTTPS service. ip https enable 4. Associate the HTTPS service with a certificate attribute-based access control policy. ip https certificate access-control-policy policy-name 5. Specify the HTTPS service port number. ip https port port-number 56 Remarks By default, the HTTPS service is not associated with any SSL server policy, and the device uses a self-signed certificate for authentication. If you disable the HTTPS service, the system automatically de-associates the HTTPS service from the SSL service policy. Before re-enabling the HTTPS service, associate the HTTPS service with an SSL server policy first. If the HTTPS service has been enabled, any changes to the SSL server policy associated with the HTTP service that is enabled do not take effect. By default, HTTPS is disabled. Enabling the HTTPS service triggers an SSL handshake negotiation process. During the process, if the local certificate of the device exists, the SSL negotiation succeeds, and the HTTPS service can be started properly. If no local certificate exists, a certificate application process will be triggered by the SSL negotiation. Because the application process takes much time, the SSL negotiation often fails and the HTTPS service cannot be started normally. In that case, execute the ip https enable command multiple times to start the HTTPS service. Optional. By default, the HTTPS service is not associated with any certificate-based attribute access control policy. Associating the HTTPS service with a certificate-based attribute access control policy enables the device to control the access rights of clients. You must configure the client-verify enable command in the associated SSL server policy. If not, no clients can log in to the device. The associated SSL server policy must contain at least one permit rule. Otherwise, no clients can log in to the device. For more information about certificate attribute-based access control policies, see Security Configuration Guide. Optional. The default HTTPS service port is 443.