H3C S5500-EI series Operation Manual page 1491
Hide thumbs
Also See for S5500-EI series:
- Configuration manual (490 pages) ,
- Security configuration manual (448 pages) ,
- Operation manual (216 pages)
Table of Contents
Advertisement
Operation Manual – SSL-HTTPS
H3C S5500-EI Series Ethernet Switches
[Switch-ssl-server-policy-myssl] pki-domain 1
[Switch-ssl-server-policy-myssl] client-verify enable
[Switch-ssl-server-policy-myssl] quit
3)
Configure certificate access control policy
# Configure certificate attribute group.
[Switch] pki certificate attribute-group mygroup1
[Switch-pki-cert-attribute-group-mygroup1] attribute 1 issuer-name dn ctn
new-ca
[Switch-pki-cert-attribute-group-mygroup1] quit
# Configure certificate access control policy myacp and create a control rule.
[Switch] pki certificate access-control-policy myacp
[Switch-pki-cert-acp-myacp] rule 1 permit mygroup1
[Switch-pki-cert-acp-myacp] quit
4)
Reference an SSL server policy
# Associate the HTTPS service with the SSL server policy myssl.
[Switch] ip https ssl-server-policy myssl
5)
Associate the HTTPS service with a certificate attribute access control policy
# Associate the HTTPS service with a certificate attribute access control policy myacp.
[Switch] ip https certificate access-control-policy myacp
6)
Enable the HTTPS service
# Enable the HTTPS service.
[Switch] ip https enable
7)
Verify the configuration
Launch the IE explorer on Host, and enter https://10.1.1.1. You can log onto Switch and
control it.
Note:
For details of PKI commands, refer to PKI Commands.
For details of the public-key local create rsa command, refer to SSH Commands.
2-6
Chapter 2 HTTPS Configuration
Advertisement
Chapters
Table of Contents
Troubleshooting
