Enabling the https service – H3C Technologies H3C WX6000 Series Access Controllers User Manual

67-2

Follow these steps to associate the HTTPS service with an SSL server policy:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Associate the HTTPS service with
an SSL server policy

ip https ssl-server-policy
policy-name

Required
Not associated by default

z

If the ip https ssl-server-policy command is executed repeatedly, the HTTPS service is only
associated with the last specified SSL server policy.

z

When the HTTPS service is disabled, the association between the HTTPS service and the SSL
server is automatically removed. To enable it again, you need to re-associate the HTTPS service
with an SSL server policy.

z

When the HTTPS service is enabled, no modification of its associated SSL server policy takes
effect.

Enabling the HTTPS Service

Before configuring the HTTPS, make sure that the HTTPS server is enabled. Otherwise, other related
configurations cannot take effect.

Follow these steps to enable the HTTPS service:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enable the HTTPS service

ip https enable

Required
Disabled by default.

z

After the HTTPS service is enabled, you can use the display ip https command to view the state
of the HTTPS service and verify the configuration.

z

Enabling of the HTTPS service will trigger an SSL handshake negotiation process. During the
process, if the local certificate of the device already exists, the SSL negotiation is successfully
performed, and the HTTPS service can be started normally. If no local certificate exists, a
certificate application process will be triggered by the SSL negotiation. Since the application
process takes much time, the SSL negotiation may fail and the HTTPS service cannot be started
normally. Therefore, the ip https enable command must be executed for multiple times to ensure
normal startup of the HTTPS service.