Table of Contents
Advertisement
To do...
Enable the HTTPS service
Associate the HTTPS service
with a certificate
attribute-based access control
policy
Configure the port number of
the HTTPS service
Associate the HTTPS service
with an ACL
Set the web user connection
timeout time
Set the web log buffer size
Create a local user and enter
local user view
Use the command...
ip https enable
ip https certificate
access-control-policy
policy-name
ip https port port-number
ip https acl acl-number
web idle-timeout minutes
web logbuffer size pieces
local-user user-name
66
Remarks
Required
Disabled by default.
Enabling the HTTPS service triggers an SSL
handshake negotiation process. During the
process, if the local certificate of the device
exists, the SSL negotiation succeeds, and the
HTTPS service can be started normally. If no
local certificate exists, a certificate application
process will be triggered by the SSL
negotiation. Because the application process
takes much time, the SSL negotiation often fails
and the HTTPS service cannot be started
normally. In that case, you need to execute the
ip https enable command multiple times to
start the HTTPS service.
Optional
By default, the HTTPS service is not associated
with any certificate-based attribute access
control policy.
•
Associating the HTTPS service with a
certificate-based attribute access control
policy enables the device to control the
access rights of clients.
•
You must configure the client-verify enable
command in the associated SSL server
policy. If not, no clients can log in to the
device.
•
The associated SSL server policy must
contain at least one permit rule.
Otherwise, no clients can log in to the
device.
•
For more information about certificate
attribute-based access control policies, see
the Security Configuration Guide.
Optional
443 by default.
Required
By default, the HTTPS service is not associated
with any ACL.
Associating the HTTPS service with an ACL
enables the device to allow only clients
permitted by the ACL to access the device.
Optional
Optional
Required
By default, no local user is configured.
- Quick Links:
- Cli Configuration
- Entering the Cli
Hide quick links:
Advertisement
Table of Contents
