HP 5800 Series Configuration Manual page 78

Hide thumbs Also See for 5800 Series:

Command reference manual (396 pages)

Quickspecs (53 pages)

Configuration manual (294 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

page of 200

/ 200
Contents
Table of Contents
Bookmarks

Table of Contents

# Create a certificate attribute group mygroup1, and configure a certificate attribute rule, specifying that the

Distinguished Name (DN) in the subject name includes the string of new-ca.

[Device] pki certificate attribute-group mygroup1

[Device-pki-cert-attribute-group-mygroup1] attribute 1 issuer-name dn ctn new-ca

[Device-pki-cert-attribute-group-mygroup1] quit

# Create a certificate attribute-based access control policy myacp. Configure a certificate attribute-based

access control rule, specifying that a certificate is considered valid when it matches an attribute rule in

certificate attribute group myacp.

[Device] pki certificate access-control-policy myacp

[Device-pki-cert-acp-myacp] rule 1 permit mygroup1

[Device-pki-cert-acp-myacp] quit

# Associate the HTTPS service with SSL server policy myssl.

[Device] ip https ssl-server-policy myssl

# Associate the HTTPS service with certificate attribute-based access control policy myacp.

[Device] ip https certificate access-control-policy myacp

# Enable the HTTPS service.

[Device] ip https enable

# Create a local user named usera, set the password to 123 for the user, and specify the Telnet service type

for the local user.

[Device] local-user usera

[Device-luser-usera] password simple 123

[Device-luser-usera] service-type telnet

Configure the host that acts as the HTTPS client

On the host, run the IE browser. In the address bar, enter http://10.1.2.2/certsrv and request a certificate for

the host as prompted.

Verify the configuration

Enter https://10.1.1.1 in the address bar, and select the certificate issued by new-ca. Then the web login

page of the Device appears. On the login page, type the username usera, and password 123 to enter the

web management page.

To log in to the web interface through HTTPS, enter the URL address starting with https://. To log in to the

web interface through HTTP, enter the URL address starting with http://.

For more information about PKI configuration commands, see Security Command Reference.

•

For more information about the public-key local create rsa command, see Security Command Reference.

•

For more information about SSL configuration commands, see Security Command Reference.

•

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

5820x series A5820x series A5800 series

HP 5800 Series Configuration Manual page 78

Hide quick links:

Related Manuals for HP 5800 Series

Related Products for HP 5800 Series

This manual is also suitable for:

Table of Contents