H3C Technologies H3C SecBlade LB Cards User Manual

36

To configure HTTPS login:

Step Command

Remarks

1.

Specify a fixed verification
code for Web login.

web captcha verification-code

Optional.
By default, a Web user must enter the
verification code indicated on the login

page to log in.
This command is available in user view.

2.

Enter system view.

system-view N/A

3.

Associate the HTTPS
service with an SSL server

policy.

ip https ssl-server-policy
policy-name

Optional.
By default, the HTTPS service is not

associated with any SSL server policy,
and the LB product uses a self-signed

certificate for authentication.
If you disable the HTTPS service, the

system automatically de-associates the
HTTPS service from the SSL service

policy. Before re-enabling the HTTPS

service, associate the HTTPS service with
an SSL server policy first.
If the HTTPS service has been enabled,
any changes to the SSL server policy

associated with it do not take effect.

4.

Enable the HTTPS service. ip https enable

By default, HTTPS is disabled.
Enabling the HTTPS service triggers an

SSL handshake negotiation process.

During the process, if the local certificate
of the LB product exists, the SSL

negotiation succeeds, and the HTTPS

service can be started properly. If no
local certificate exists, a certificate

application process will be triggered by

the SSL negotiation. Because the
application process takes much time, the

SSL negotiation often fails and the HTTPS

service cannot be started normally. In
that case, execute the ip https enable

command multiple times to start the

HTTPS service.