Cisco Catalyst 2960-X Security Configuration Manual page 157
Cisco ios release 15.0(2)ex
Hide thumbs
Also See for Catalyst 2960-X:
- Command reference manual (135 pages) ,
- Hardware installation manual (34 pages) ,
- Getting started manual (25 pages)
Table of Contents
Advertisement
Configuring Secure Socket Layer HTTP
Command or Action
Step 5
ip http secure-ciphersuite
{[3des-ede-cbc-sha] [rc4-128-md5]
[rc4-128-sha] [des-cbc-sha]}
Example:
Switch(config)# ip http
secure-ciphersuite rc4-128-md5
Step 6
ip http secure-client-auth
Example:
Switch(config)# ip http
secure-client-auth
Step 7
ip http secure-trustpoint name
Example:
Switch(config)# ip http
secure-trustpoint your_trustpoint
Step 8
ip http path path-name
Example:
Switch(config)# ip http path
/your_server:80
Step 9
ip http access-class access-list-number
Example:
Switch(config)# ip http access-class 2
Step 10
ip http max-connections value
Example:
Switch(config)# ip http max-connections
4
Step 11
ip http timeout-policy idle seconds life
seconds requests value
OL-29048-01
Purpose
(Optional) Specifies the CipherSuites (encryption algorithms) to be used
for encryption over the HTTPS connection. If you do not have a reason
to specify a particularly CipherSuite, you should allow the server and
client to negotiate a CipherSuite that they both support. This is the default.
(Optional) Configures the HTTP server to request an X.509v3 certificate
from the client for authentication during the connection process. The
default is for the client to request a certificate from the server, but the
server does not attempt to authenticate the client.
Specifies the CA trustpoint to use to get an X.509v3 security certificate
and to authenticate the client certificate connection.
Use of this command assumes you have already configured a
Note
CA trustpoint according to the previous procedure.
(Optional) Sets a base HTTP path for HTML files. The path specifies
the location of the HTTP server files on the local system (usually located
in system flash memory).
(Optional) Specifies an access list to use to allow access to the HTTP
server.
(Optional) Sets the maximum number of concurrent connections that are
allowed to the HTTP server. We recommend that the value be at least
10 and not less. This is required for the UI to function as expected.
(Optional) Specifies how long a connection to the HTTP server can
remain open under the defined circumstances:
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
Configuring the Secure HTTP Server
133
Hide quick links:
Advertisement
Table of Contents
