Configuration Guide 64
Managing System Access Security Configurations
Switch(config)#ip http server
Switch(config)#ip http session timeout 9
Switch(config)#ip http max-user 6 5
Switch(config)#show ip http configuration
HTTP Status: Enabled
HTTP Session Timeout: 9
HTTP User Limitation: Enabled
HTTP Max Admin Users: 6
HTTP Max Guest Users: 5
Switch(config)#end
Switch#copy running-config startup-config
5.2.3 Configuring the HTTPS Function
Follow these steps to configure the HTTPS function:
Step 1 configure
Enter global configuration mode.
Step 2 ip http secure-server
Enable the HTTPS function. By default, it is enabled.
Step 3 ip http secure-protocol { [ ssl3 ] [ tls1 ] }
Configure to make the switch support the corresponding protocol. By default, the switch
supports SSLv3 and TLSv1.
ssl3: Enable the SSL version 3 protocol. SSL is a transport protocol. It can provide server
authentication, encryption and message integrity to allow secure HTTP connection.
tls1: Enable the TLS version 1 protocol. TLS is s transport protocol upgraded from SSL. It
supports different encryption algorithm from SSL, so TLS and SSL are not compatible. TLS
can support a more secure connection.
Step 4 ip http secure-ciphersuite { [ 3des-ede-cbc-sha ] [ rc4-128-md5 ] [ rc4-128-sha ] [ des-cbc-
sha ] }
Enable the corresponding ciphersuite. By default, these types are all enabled.
[ 3des-ede-cbc-sha ]: Key exchange with 3DES and DES-EDE3-CBC for message encryption
and SHA for message digest.
[ rc4-128-md5 ]: Key exchange with RC4 128-bit encryption and MD5 for message digest.
[ rc4-128-sha ]: Key exchange with RC4 128-bit encryption and SHA for message digest.
[ des-cbc-sha ]: Key exchange with DES-CBC for message encryption and SHA for message
digest.
To Next Page
Loading...
