H3C Technologies H3C S12500 Series Switches User Manual
Page 56
44
[Sysname] ip https ssl-server-policy myssl
# Associate the HTTPS service with certificate attribute-based access control policy myacp.
[Sysname] ip https certificate access-control-policy myacp
# Enable the HTTPS service.
[Sysname] ip https enable
# Create local user usera, set the password to 123, assign the Web service type to the user, and ,
and specify the user privilege level 3.
[Sysname] local-user usera
[Sysname-luser-usera] password simple 123
[Sysname-luser-usera] authorization-attribute level 3
[Sysname-luser-usera] service-type web
2.
Configure the host (HTTPS client):
On the host, run the IE browser, and then enter http://10.1.2.2/certsrv in the address bar and
request a certificate for the host as prompted.
3.
Verify the configuration:
On the host, enter https://10.1.1.1 in the browser's address bar and then select the certificate
issued by new-ca. When the Web login page of the switch appears, enter the username usera and
password 123 to log in to the Web management page.
For more information about PKI configuration commands, SSL configuration commands, and the
public-key local create rsa command, see Security Command Reference.