TP-Link T1500-28PCT T1500-28PCTTL-SL2428PUN V3 User Guide - Page 542
Configuring the HTTPS Function
View all TP-Link T1500-28PCT manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 542 highlights
Configuring Access Security Access Security Configurations Switch#copy running-config startup-config 2.2.3 Configuring the HTTPS Function Follow these steps to configure the HTTPS function: Step 1 Step 2 Step 3 configure Enter global configuration mode. ip http secure-server Enable the HTTPS function. By default, it is enabled. ip http secure-protocol { ssl3 | tls1 | tls11 | tls12 | all } Select the protocol version for HTTPS. Make sure the protocol in use is compatible with that on your HTTPS client. SSL is a transport protocol. It can provide server authentication, encryption and message integrity to allow secure HTTP connections. TLS is a transport protocol upgraded from SSL. It can support a more secure connection than SSL. TLS and SSL are not compatible with each other. ssl3: Select SSL Version 3.0 as the protocol for HTTPS. tls1: Select TLS Version 1.0 as the protocol for HTTPS. tls11: Select TLS Version 1.1 as the protocol for HTTPS. tls12: Select TLS Version 1.2 as the protocol for HTTPS. all: Enable all the above protocols for HTTPS. The HTTPS server and client will negotiate the protocol each time. Step 4 ip http secure-ciphersuite { [ rc4-128-md5 ] [ rc4-128-sha ] [ des-cbc-sha ] [ 3des-ede-cbcsha ] [ ecdhe-a128-g-s256 ] [ ecdhe-a256-g-s384 ] } Enable the corresponding cipher suite. By default, these types are all enabled. rc4-128-md5: 128-bit RC4 encryption with MD5 message authentication and RSA key exchange. rc4-128-sha: 128-bit RC4 encryption with SHA-1 message authentication and RSA key exchange. des-cbc-sha: 56-bit DES encryption with SHA-1 message authentication and RSA key exchange. 3des-ede-cbc-sha: 168-bit Triple DES encryption with SHA-1 message authentication and RSA key exchange. ecdhe-a128-g-s256: 128-bit AES in Galois Counter Mode encryption with SHA-256 message authentication and elliptic curve Diffie-Hellman key exchange signed with an RSA certificate or ECDSA certificate. ecdhe-a256-g-s384: 256-bit AES in Galois Counter Mode encryption with SHA-384 message authentication and elliptic curve Diffie-Hellman key exchange signed with an RSA certificate or ECDSA certificate. User Guide 519