Step |
| Command | Remarks | |
|
|
| Optional. | |
|
|
| By default, the HTTPS service is not associated | |
|
|
| with any SSL server policy, and the device uses | |
|
|
| a | |
3. | Associate the HTTPS | ip https | If you disable the HTTPS service, the system | |
| service with an SSL server | automatically | ||
| policy. | from the SSL service policy. Before | ||
|
|
| the HTTPS service, associate the HTTPS service | |
|
|
| with an SSL server policy first. | |
|
|
| If the HTTPS service has been enabled, any | |
|
|
| changes to the SSL server policy associated | |
|
|
| with it do not take effect. | |
|
|
|
| |
|
|
| By default, HTTPS is disabled. | |
|
|
| Enabling the HTTPS service triggers an SSL | |
|
|
| handshake negotiation process. During the | |
|
|
| process, if the local certificate of the device | |
|
|
| exists, the SSL negotiation succeeds, and the | |
|
|
| HTTPS service can be started properly. If no | |
4. | Enable the HTTPS service. | ip https enable | local certificate exists, a certificate application | |
|
|
| process will be triggered by the SSL | |
|
|
| negotiation. Because the application process | |
|
|
| takes much time, the SSL negotiation often fails | |
|
|
| and the HTTPS service cannot be started | |
|
|
| normally. In that case, execute the ip https | |
|
|
| enable command multiple times to start the | |
|
|
| HTTPS service. | |
|
|
|
| |
|
|
| Optional. | |
|
|
| By default, the HTTPS service is not associated | |
|
|
| with any | |
|
|
| control policy. | |
|
|
| Associating the HTTPS service with a | |
|
|
| ||
5. | Associate the HTTPS |
| enables the device to control the access rights | |
ip https certificate | of clients. | |||
| service with a certificate | |||
| You must configure the | |||
| ||||
| control policy. | command in the associated SSL server policy. | ||
|
|
| If not, no clients can log in to the device. | |
|
|
| The associated SSL server policy must contain | |
|
|
| at least one permit rule. Otherwise, no clients | |
|
|
| can log in to the device. | |
|
|
| For more information about certificate | |
|
|
| ||
|
|
| VPN Configuration Guide. | |
|
|
|
| |
6. | Specify the HTTPS service | ip https port | Optional. | |
| port number. | The default HTTPS service port is 443. | ||
|
| |||
|
|
| ||
|
|
|
|
55