8-43
Catalyst 2960 Switch SoftwareConfiguration Guide
78-16881-01
Chapter8 Configuring Switch-Ba sed Authentication
Configuring the Switch for Secure Socket Layer HTTP
Use the no ip http client secure-trustpoint name to remove a client trustpoint configuration. Use the
no ip http client secure-ciphersuite to remove a previously configured CipherSuite specification for
the client.
Displaying Secure HTTP Server and Client Status
To display the SSL secure server and client status, use the privileged EXEC commands in Table 8-3 :
Step3 ip http client secure-ciphersuite
{[3des-ede-cbc-sha] [rc4-128-md5]
[rc4-128-sha] [des-cbc-sha]}
(Optional) Specify the CipherSuites (encryption algorithms) to be used
for encryption over the HTTPS connection. If you do not have a reason to
specify a particular CipherSuite, you should allow the server and client to
negotiate a CipherSuite that they both support. This is the default.
Step4 end Return to privileged EXEC mode.
Step5 show ip http client secure status Display the status of the HTTP secure server to verify the configuration.
Step6 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Table8-3 Commands for Displaying the SSL Secure Server and Client Status
Command Purpose
show ip http client
secure status
Shows the HTTP secure client configuration.
show ip http server
secure status
Shows the HTTP secure server configuration.
show running-config Shows the generated self-signed certi ficate for secure HTTP connections.