Configuring The Secure Http Client - Cisco 3020 - Catalyst Blade Switch Configuration Manual

Chapter 6 Configuring Switch-Based Authentication
Command
Step 11 ip http timeout-policy idle seconds life
seconds requests value
Step 12
end
Step 13 show ip http server secure status
Step 14 copy running-config startup-config
Use the no ip http server global configuration command to disable the standard HTTP server. Use the
no ip http secure-server global configuration command to disable the secure HTTP server. Use the no
ip http secure-port and the no ip http secure-ciphersuite global configuration commands to return to
the default settings. Use the no ip http secure-client-auth global configuration command to remove the
requirement for client authentication.
To verify the secure HTTP connection by using a Web browser, enter https://URL, where the URL is the
IP address or hostname of the server switch. If you configure a port other than the default port, you must
also specify the port number after the URL. For example:
https://209.165.129:1026
or
https://host.domain.com:1026

Configuring the Secure HTTP Client

The standard HTTP client and secure HTTP client are always enabled. A certificate authority is required
for secure HTTP client certification. This procedure assumes that you have previously configured a CA
trustpoint on the switch. If a CA trustpoint is not configured and the remote HTTPS server requires client
authentication, connections to the secure HTTP client fail.
Beginning in privileged EXEC mode, follow these steps to configure a secure HTTP client:
Command
Step 1 configure terminal
Step 2
ip http client secure-trustpoint name
OL-8915-01
Purpose
(Optional) Specify how long a connection to the HTTP server can remain
open under the defined circumstances:
idle—the maximum time period when no data is received or response
•
data cannot be sent. The range is 1 to 600 seconds. The default is
180 seconds (3 minutes).
• life—the maximum time period from the time that the connection is
established. The range is 1 to 86400 seconds (24 hours). The default
is 180 seconds.
requests—the maximum number of requests processed on a
•
persistent connection. The maximum value is 86400. The default is 1.
Return to privileged EXEC mode.
Display the status of the HTTP secure server to verify the configuration.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
(Optional) Specify the CA trustpoint to be used if the remote HTTP server
requests client authentication. Using this command assumes that you have
already configured a CA trustpoint by using the previous procedure. The
command is optional if client authentication is not needed or if a primary
trustpoint has been configured.
Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide
Configuring the Switch for Secure Socket Layer HTTP
6-47