Replacing the default secure-site certificate, Figure 188 confi, Replacing the default secure-site – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual

848

Brocade 6910 Ethernet Access Switch Configuration Guide

53-1002581-01

Configuring HTTPS

41

Parameters

These parameters are displayed:

•

HTTPS Status – Allows you to enable/disable the HTTPS server feature on the switch. (Default:
Enabled)

•

HTTPS Port – Specifies the UDP port number used for HTTPS connection to the switch’s web
interface. (Default: Port 443)

Interface

To configure HTTPS:

1. Click Security, HTTPS.

2. Select Configure Global from the Step list.

3. Enable HTTPS and specify the port number if required.

4. Click Apply.

FIGURE 188

Configuring HTTPS

Replacing the Default Secure-site Certificate

Use the Security > HTTPS (Copy Certificate) page to replace the default secure-site certificate.

When you log onto the web interface using HTTPS (for secure access), a Secure Sockets Layer (SSL)
certificate appears for the switch. By default, the certificate that the web browser displays will be
associated with a warning that the site is not recognized as a secure site. This is because the
certificate has not been signed by an approved certification authority. If you want this warning to be
replaced by a message confirming that the connection to the switch is secure, you must obtain a
unique certificate and a private key and password from a recognized certification authority.

CAUTION
For maximum security, we recommend you obtain a unique Secure Sockets Layer certificate at
the earliest opportunity. This is because the default certificate for the switch is not unique to the
hardware you have purchased.

When you have obtained these, place them on your TFTP server and transfer them to the switch to
replace the default (unrecognized) certificate with an authorized one.