Configuring The Secure Http Client; Displaying Secure Http Server And Client Status - Cisco IE-3000-8TC Software Configuration Manual
Software configuration guide
Hide thumbs
Also See for IE-3000-8TC:
- Command reference manual (802 pages) ,
- Administration manual (496 pages) ,
- Message manual (98 pages)
Table of Contents
Advertisement
Chapter 11
Configuring Switch-Based Authentication
Configuring the Secure HTTP Client
The standard HTTP client and secure HTTP client are always enabled. A certificate authority is required
for secure HTTP client certification. This procedure assumes that you have previously configured a CA
trustpoint on the switch. If a CA trustpoint is not configured and the remote HTTPS server requires client
authentication, connections to the secure HTTP client fail.
Beginning in privileged EXEC mode, follow these steps to configure a secure HTTP client:
Command
Step 1
configure terminal
Step 2
ip http client secure-trustpoint name
Step 3
ip http client secure-ciphersuite
{[3des-ede-cbc-sha] [rc4-128-md5]
[rc4-128-sha] [des-cbc-sha]}
Step 4
end
Step 5
show ip http client secure status
Step 6
copy running-config startup-config
Use the no ip http client secure-trustpoint name to remove a client trustpoint configuration. Use the
no ip http client secure-ciphersuite to remove a previously configured CipherSuite specification for
the client.
Displaying Secure HTTP Server and Client Status
To display the SSL secure server and client status, use the privileged EXEC commands in
Table 11-3
Command
show ip http client
secure status
show ip http server
secure status
show running-config
OL-13018-03
Purpose
Enter global configuration mode.
(Optional) Specify the CA trustpoint to be used if the remote HTTP server
requests client authentication. Using this command assumes that you have
already configured a CA trustpoint by using the previous procedure. The
command is optional if client authentication is not needed or if a primary
trustpoint has been configured.
(Optional) Specify the CipherSuites (encryption algorithms) to be used
for encryption over the HTTPS connection. If you do not have a reason to
specify a particular CipherSuite, you should allow the server and client to
negotiate a CipherSuite that they both support. This is the default.
Return to privileged EXEC mode.
Display the status of the HTTP secure server to verify the configuration.
(Optional) Save your entries in the configuration file.
Commands for Displaying the SSL Secure Server and Client Status
Purpose
Shows the HTTP secure client configuration.
Shows the HTTP secure server configuration.
Shows the generated self-signed certificate for secure HTTP connections.
Configuring the Switch for Secure Socket Layer HTTP
Cisco IE 3000 Switch Software Configuration Guide
Table
11-3:
11-43
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
