Associating The Https Service With A Certificate Attribute Access Control Policy; Associating The Https Service With An Acl; Displaying And Maintaining Https - H3C S5600 Series Operation Manual

Associating the HTTPS Service with a Certificate Attribute Access
Control Policy
Associating the HTTPS service with a configured certificate access control policy helps control the
access right of the client, thus providing the device with enhanced security.
Follow these steps to associate the HTTPS service with a certificate attribute access control policy:
To do...
Enter system view
Associate the HTTPS service with
a certificate attribute access
control policy
If the ip https certificate access-control-policy command is executed repeatedly, the HTTPS
server is only associated with the last specified certificate attribute access control policy.
If the HTTPS service is associated with a certificate attribute access control policy, the
client-verify enable command must be configured in the SSL server policy. Otherwise, the client
cannot log onto the device.
If the HTTPS service is associated with a certificate attribute access control policy, the latter must
contain at least one permit rule. Otherwise, no HTTPS client can log onto the device.

Associating the HTTPS Service with an ACL

Associating the HTTPS service with an ACL can filter out requests from some clients to let pass only
clients that pass the ACL filtering.
Follow these steps to associate the HTTPS service with an ACL:
To do...
Enter system view
Associate the HTTPS service with
an ACL

Displaying and Maintaining HTTPS

To do...
Display information about
HTTPS
Use the command...
system-view
ip https certificate
access-control-policy
policy-name
Use the command...
system-view
ip https acl acl-number
Use the command...
display ip https
1-3
Remarks
—
Required
Not associated by default.
Remarks
—
Required
Not associated by default.
Remarks
Available in any view