Zte ZXR10 5250-28SM - Figure 5-54 SSL Configuration Instance

To Next Page

To Previous Page

Chapter5ServiceConguration

UserscanaccesstheZXR105250byusingbrowsersandHTTPStoperformWeb-based

congurationandmanagement.

ConguringSSL

TheSSLcongurationincludesthefollowingcommands:

CommandFunction

zte(cfg)#setssl{enable|disable}EnablesordisablestheSSLfunction.

zte(cfg)#createca{<A.B.C.D/M>|<A.B.C.D><n

etworkmask>}

Managestheencryptioncerticate,andcreates

anRSAkey,alocalcerticateontheserverand

arootcerticateontheclient.

showssl(allcongurationmodes)DisplaystheSSLcongurationandstate.

SSLCongurationInstance

lCongurationDescription

SeeFigure5-54,alayer-3portisconguredontheswitch,andtheIPaddressisset

to192.168.100.110/24.TheIPaddressofthePCissetto192.168.100.109/24.The

switchoperatesastheSSLserver,andthebrowseronthePCoperatesastheSSL

client.

Figure5-54SSLCongurationInstance

lCongurationProcedure

Conguretheswitch:

zte(cfg)#createca192.168.100.110/24

caiscreating,pleasewait......

Rootcafile/flash/data/root.cer,hascreated!

Servercafile/flash/data/server.pem,hascreated!

Serverkeyfile/flash/data/server.key,hascreated!

FSisreleasing,pleasewait......

Done!

zte(cfg)#setsslen

Thecurrentcaisforipaddress192.168.100.110,

Pleasemakesureipoftheswitchmatches.

Thenupload/flash/data/root.cer,andimporttoexplore,thesslisavailible.

zte(cfg)#configtffs

zte(cfg-tffs)#cddata

5-149

SJ-20131111172707-002|2013-11-27(R1.0)ZTEProprietaryandCondential

Other manuals for Zte ZXR10 5250-28SM