9-46
Catalyst 2960 and 2960-S Switches Software Configuration Guide, Release 15.0(1)SE
OL-26520-01
Chapter 9 Configuring Switch-Based Authentication
Configuring the Switch for Secure Socket Layer HTTP
Displaying the SSH Configuration and Status
To display the SSH server configuration and status, use one or more of the privileged EXEC commands
in Table 9-5:
For more information about these commands, see the “Secure Shell Commands” section in the “Other
Security Features” chapter of the Cisco IOS Security Command Reference:
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html
Configuring the Switch for Secure Socket Layer HTTP
This section describes how to configure Secure Socket Layer (SSL) version 3.0 support for the HTTP 1.1
server and client. SSL provides server authentication, encryption, and message integrity, as well as
HTTP client authentication, to allow secure HTTP communications.To use this feature, the
cryptographic (encrypted) software image must be installed on your switch. You must obtain
authorization to use this feature and to download the cryptographic software files from Cisco.com. For
more information about the crypto image, see the release notes for this release.
These sections contain this information:
• Understanding Secure HTTP Servers and Clients, page 9-46
• Configuring Secure HTTP Servers and Clients, page 9-48
• Displaying Secure HTTP Server and Client Status, page 9-52
For configuration examples and complete syntax and usage information for the commands used in this
section, see the “HTTPS - HTTP Server and Client with SSL 3.0” feature description for Cisco IOS
Release 12.2(15)T:
http://www.cisco.com/en/US/docs/ios/netmgmt/configuration/guide/nm_https_sc_ssl3.html
Understanding Secure HTTP Servers and Clients
On a secure HTTP connection, data to and from an HTTP server is encrypted before being sent over the
Internet. HTTP with SSL encryption provides a secure connection to allow such functions as configuring
a switch from a Web browser. Cisco's implementation of the secure HTTP server and secure HTTP client
uses an implementation of SSL Version 3.0 with application-layer encryption. HTTP over SSL is
abbreviated as HTTPS; the URL of a secure connection begins with https:// instead of http://.
The primary role of the HTTP secure server (the switch) is to listen for HTTPS requests on a designated
port (the default HTTPS port is 443) and pass the request to the HTTP 1.1 Web server. The HTTP 1.1
server processes requests and passes responses (pages) back to the HTTP secure server, which, in turn,
responds to the original request.
Table 9-5 Commands for Displaying the SSH Server Configuration and Status
Command Purpose
show ip ssh Shows the version and configuration information for the SSH server.
show ssh Shows the status of the SSH server.
To Next Page
Loading...
Need help?
General
