Replacing the default secure-site certificate, Figure 3-23. https settings – Alcatel Carrier Internetworking Solutions OmniStack 6300-24 User Manual

Configuring the Switch

3-46

3

• To specify a secure-site certificate, see “Replacing the Default Secure-site

Certificate” on page 3-46.

Command Attributes
• HTTPS Status – Allows you to enable/disable the HTTPS server feature on the

switch. (Default: Enabled)

• Change HTTPS Port Number – Specifies the UDP port number used for HTTPS/

SSL connection to the switch’s web interface. (Default: Port 443)

Web – Click Security, HTTPS Settings. Enable HTTPS and specify the port number,
then click Apply.

Figure 3-23. HTTPS Settings

CLI – This example enables the HTTP secure server and modifies the port number.

Replacing the Default Secure-site Certificate

When you log onto the web interface using HTTPS (for secure access), a Secure
Sockets Layer (SSL) certificate appears for the switch. By default, the certificate that
Netscape and Internet Explorer display will be associated with a warning that the
site is not recognized as a secure site. This is because the certificate has not been
signed by an approved certification authority. If you want this warning to be replaced
by a message confirming that the connection to the switch is secure, you must
obtain a unique certificate and a private key and password from a recognized
certification authority.

Caution:

For maximum security, we recommend you obtain a unique Secure Sockets
Layer certificate at the earliest opportunity. This is because the default
certificate for the switch is not unique to the hardware you have purchased.

Console(config)#ip http secure-server

4-30

Console(config)#ip http secure-port 441

4-31

Console(config)#