Configuration Guide 504
Configuring Access Security Access Security Configurations
Switch#copy running-config startup-config
2.2.3 Configuring the HTTPS Function
Follow these steps to configure the HTTPS function:
Step 1 configure
Enter global configuration mode.
Step 2 ip http secure-server
Enable the HTTPS function. By default, it is enabled.
Step 3 ip http secure-protocol { [ ssl3 ] [ tls1 ] }
Configure to make the switch support the corresponding protocol. By default, the switch
supports SSLv3 and TLSv1.
ssl3: Enable the SSL version 3 protocol. SSL is a transport protocol. It can provide server
authentication, encryption and message integrity to allow secure HTTP connection.
tls1: Enable the TLS version 1 protocol. TLS is s transport protocol upgraded from SSL. It
supports different encryption algorithm from SSL, so TLS and SSL are not compatible. TLS
can support a more secure connection.
Step 4 ip http secure-ciphersuite { [ 3des-ede-cbc-sha ] [ rc4-128-md5 ] [ rc4-128-sha ] [ des-cbc-
sha ] }
Enable the corresponding ciphersuite. By default, these types are all enabled.
3des-ede-cbc-sha: Key exchange with 3DES and DES-EDE3-CBC for message encryption and
SHA for message digest.
rc4-128-md5: Key exchange with RC4 128-bit encryption and MD5 for message digest.
rc4-128-sha: Key exchange with RC4 128-bit encryption and SHA for message digest.
des-cbc-sha: Key exchange with DES-CBC for message encryption and SHA for message
digest.
Step 5 ip http secure-session timeout
minutes
Specify the Session Timeout time. The system will log out automatically if users do nothing
within the Session Timeout time.
minutes
: Specify the timeout time, which ranges from 5 to 30 minutes. The default value is 10.
To Next Page
Loading...
Need help?
General