1. Manuals
  2. Brands
  3. H3C Manuals
  4. Network Router
  5. S5500-HI Switch Series
  6. Fundamentals configuration manual

H3C S5500-HI Series Fundamentals Configuration Manual page 77

Hide thumbs Also See for S5500-HI Series:
Table of Contents

Advertisement

To do...
Associate the HTTPS service with
an SSL server policy
Enable the HTTPS service
Associate the HTTPS service with a
certificate attribute-based access
control policy
Configure the port number of the
HTTPS service
Use the command...
ip https ssl-server-policy
policy-name
ip https enable
ip https certificate
access-control-policy
policy-name
ip https port port-number
66
Remarks
Required
By default, the HTTPS service is not
associated with any SSL server policy.
If you disable the HTTPS service, the
system automatically de-associates the
HTTPS service from the SSL service
policy. Before re-enabling the HTTPS
service, associate the HTTPS service
with an SSL server policy first.
Any changes to the SSL server policy
associated with the HTTP service that is
enabled do not take effect.
Required
Disabled by default.
Enabling the HTTPS service triggers an SSL
handshake negotiation process. During the
process, if the local certificate of the device
exists, the SSL negotiation succeeds, and
the HTTPS service can be started properly.
If no local certificate exists, a certificate
application process will be triggered by
the SSL negotiation. Because the
application process takes much time, the
SSL negotiation often fails and the HTTPS
service cannot be started normally. In that
case, you need to execute the ip https
enable command multiple times to start the
HTTPS service.
Optional
By default, the HTTPS service is not
associated with any certificate-based
attribute access control policy.
Associating the HTTPS service with a
certificate-based attribute access
control policy enables the device to
control the access rights of clients.
You must configure the client-verify
enable command in the associated SSL
server policy. If not, no clients can log in
to the device.
The associated SSL server policy must
contain at least one permit rule.
Otherwise, no clients can log in to the
device.
For more information about certificate
attribute-based access control policies,
see Security Configuration Guide.
Optional
443 by default.

Advertisement

Table of Contents
loading

Related Manuals for H3C S5500-HI Series

Related Products for H3C S5500-HI Series

Table of Contents