Assistance in the Protection from Un-
authorized Access
UM Basic Configuration L3P
Release
7.1
12/2011
6.3
Telnet/internet/SSH access
97
The web server uses HTTP to load a Java applet for the web-based interface
onto your computer. This applet then communicates with the device by
SNMP (Simple Network Management Protocol). If you have enabled the
Web Server (HTTPS) function, the Java applet establishes an HTTPS
connection to the device. The device creates an HTTPS tunnel through the
SNMP. It uses DES encoding on 56 bits. You can upload HTTPS certificates
to the device.
Certificate
An X.509/PEM Standard certificate (Public Key Infrastructure) is required
for the encryption. In the as-delivered state, a self-generated certificate is
already present on the device.
You can create an X509/PEM certificate using the following CLI
command: # ip https certgen
You can upload a new certificate using the following CLI command:
copy tftp://<server_ip>/<path_to_pem>
nvram:httpscert
You can switch the HTTPS server off and on again using the following
CLI command sequence:
# no ip https server
# ip https server
Note: If you upload a new certificate, reboot the device or the HTTPS
server in order to activate the certificate.
HTTPS connection
Note: The standard port for HTTPS connection is 443. If you change the
number of the HTTPS port, reboot the device or the HTTPS server in
order to make the change effective.
You can change the HTTPS port number using the following CLI-
command (where <port_no> is the number of the HTTPS port):
#ip https port <port_no>
Note: If you want to use HTTPS, switch on both HTTPS and HTTP. This
is required in order to load the applet. In the as-delivered state, HTTPS is
switched off.
To Next Page
Loading...
Need help?
General
