How To Configure Secure Socket Layer Http - Cisco Catalyst 2960 series Configuration Manual

How to Configure Secure Socket Layer HTTP

Configuring the Secure HTTP Server
Beginning in privileged EXEC mode, follow these steps to configure a secure HTTP server:
Before You Begin
If you are using a certificate authority for certification, you should use the previous procedure to configure
the CA trustpoint on the switch before enabling the HTTP server. If you have not configured a CA trustpoint,
a self-signed certificate is generated the first time that you enable the secure HTTP server. After you have
configured the server, you can configure options (path, access list to apply, maximum number of connections,
or timeout policy) that apply to both standard and secure HTTP servers.
To verify the secure HTTP connection by using a Web browser, enter https://URL, where the URL is the IP
address or hostname of the server switch. If you configure a port other than the default port, you must also
specify the port number after the URL. For example:
https://209.165.129:1026
or
https://host.domain.com:1026
SUMMARY STEPS
1. show ip http server status
2. configure terminal
3. ip http secure-server
4. ip http secure-port port-number
5. ip http secure-ciphersuite {[3des-ede-cbc-sha] [rc4-128-md5] [rc4-128-sha] [des-cbc-sha]}
6. ip http secure-client-auth
7. ip http secure-trustpoint name
8. ip http path path-name
9. ip http access-class access-list-number
10. ip http max-connections value
11. ip http timeout-policy idle seconds life seconds requests value
12. end
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
Information About Secure Socket Layer HTTP
1131