SNR S2940-8G-v2 Switch Configuration Guide
SSL Configuration
2. Configure/delete port number by SSL used
Command Explanation
Global Mode
ip
http
secure-port
<port-number>
no ip http secure-port
Configure port number by SSL used, the 'no ip http
secure-port' command deletes the port number.
3. Configure/delete secure cipher suite by SSL used
Command Explanation
Global Mode
ip http secure-ciphersuite { des-cbc3-
sha | rc4-128-sha | des-cbc-sha }
no ip http secure-ciphersuite
Configure/delete secure cipher suite by SSL used.
4. Maintenance and diagnose for the SSL function
Command Explanation
Admin Mode or Configuration Mode
show ip http secure-server status Show the configured SSL information.
debug ssl
no debug ssl
Open/close the DEBUG for SSL function.
51.3 SSL Typical Example
When the Web function is enabled on the switch, SSL can be configured for users to access the
web interface on the switch. If the SSL has been configured, communication between the client
and the switch will be encrypted through SSL for safety.
Firstly, SSL should be enabled on the switch. When the client tries to access the switch through
https method, a SSL session will be set up between the switch and the client. When the SSL
session has been set up, all the data transmission in the application layer will be encrypted.
Configuration on the switch:
Switch(config)#ip http secure-server
Switch(config)#ip http secure-port 1025
Switch(config)#ip http secure-ciphersuite rc4-128-sha
51.4 SSL Troubleshooting
In configuring and using SSL, the SSL function may fail due to reasons such as physical connection
failure or wrong configurations. The user should ensure the following:
• First good condition of the physical connection;
• Second all interface and link protocols are in the UP state (use 'show interface' command);
• Then, make sure SSL function is enabled (use ip http secure-server command );
346
To Next Page
Loading...
General