Configuring Secure Socket Layer (SSL)

Terminology

Root Certificate: A trusted certificate used by certificate authorities to sign certificates (CA-Signed Certificates) and used later on to verify the authenticity of those signed certificates. Trusted certificates are distributed as an integral part of most popular web clients. (See browser documentation for which root certificates are pre-installed.)

Manager Level: Manager privileges on the switch.

Operator Level: Operator privileges on the switch.

Local password or username: A Manager-level or Operator-level password configured in the switch.

SSL Enabled: (1) A certificate key pair has been generated on the switch (web interface or CLI command: crypto key generate cert [key size]), (2) a certificate has been generated on the switch (web interface or CLI command: crypto host-cert generate self-signed [arg-list]), and (3) SSL is enabled (web interface or CLI command: web-management ssl). (You can generate a certificate without enabling SSL, but you cannot enable SSL without first generating a certificate.)
