H3C S3100 Series Command Manual page 1154

By default, the HTTPS service is not associated with any certificate attribute access control policy.
Association of the HTTPS service with a certificate attribute access control policy can control the
access rights of clients.
Examples
# Associate the HTTPS server to certificate attribute access control policy myacl.
<Sysname> system-view
[Sysname] ip https certificate access-control-policy myacl
ip https enable
Syntax
ip https enable
undo ip https enable
View
System view
Parameters
None
Description
Use the ip https enable command to enable the HTTPS service.
Use the undo ip https enable command to disable the HTTPS service.
By default, the HTTPS service is disabled.
The device can act as the HTTP server and the users can access and control the device through the
Web function only after the HTTP service is enabled.
Note that enabling of the HTTPS service triggers an SSL handshake negotiation process. During the
process, if a local certificate of the device already exists, the SSL negotiation is successfully performed,
and the HTTPS service can be started normally. If no local certificate exists, a certificate application
process will be triggered by the SSL negotiation. Since the application process takes much time, the
SSL negotiation often fails and the HTTPS service cannot be started normally. Therefore, the ip https
enable command must be executed for multiple times to ensure normal startup of the HTTPS service.
Related commands: display ip https.
Examples
# Enable the HTTPS service.
<Sysname> system-view
[Sysname] ip https enable
ip https ssl-server-policy
Syntax
ip https ssl-server-policy policy-name
undo ip https ssl-server-policy
1-3