38
Step Command Remarks
Disabling the HTTPS service
de-associates the SSL service policy
from the HTTPS service. To enable the
HTTPS service again, you must
reconfigure this command again.
If the HTTPS service has been
enabled, any changes to the SSL
server policy associated with it do not
take effect.
4. Enable the HTTPS
service.
ip https enable
By default, HTTPS is disabled.
Enabling the HTTPS service triggers
the SSL handshake negotiation
process.
• If the device has a local certificate,
the SSL handshake negotiation
succeeds and the HTTPS service
starts up.
• If the device does not have a local
certificate, the certificate
application process is started.
Because the certificate application
process takes a long time, the SSL
handshake negotiation might fail
and the HTTPS service might not
be started. To solve the problem,
execute this command again until
the HTTPS service is enabled.
5. (Optional.) Associate a
certificate attribute-based
access control policy with
the HTTPS service.
ip https certificate
access-control-policy
policy-name
By default, the HTTPS service is not
associated with a certificate-based
attribute access control policy.
The device uses the associated policy
to control client access rights.
For clients to log in through HTTPS,
configure the
client-verify enable
command and one or more
permit
rules in the associated SSL server
policy.
For more information about certificate
attribute-based access control policies,
see the chapter on PKI in Security
Configuration Guide.
6. (Optional.) Specify the
HTTPS service port
number.
ip https port
port-number
The default HTTPS service port
number is 443.
7. (Optional.) Set the
HTTPS login
authentication mode.
web https-authorization mode
{
auto
|
manual
}
By default, manual authentication mode
is used for HTTPS login.
8. (Optional.) Set the Web
connection idle-timeout
timer.
web idle-timeout
minutes
By default, the Web connection
idle-timeout timer is 10 minutes.
9. (Optional.) Specify the
maximum number of
online HTTPS users.
aaa session-limit https
max-sessions
By default, the maximum number of
concurrent HTTPS users is 5.
Changing this setting does not affect
online users. If the current number of
online HTTPS users is equal to or
greater than the new setting, no
additional HTTPS users can log in until
To Next Page
Loading...
Need help?
General