Displaying and maintaining https, Https configuration example, Network requirements – H3C Technologies H3C WX6000 Series Access Controllers User Manual

67-4

Displaying and Maintaining HTTPS

To do…

Use the command…

Remarks

Display information about HTTPS

display ip https

Available in any view

HTTPS Configuration Example

Network requirements

z

Host acts as the HTTPS client and AC acts as the HTTPS server.

z

Host accesses AC through Web to control AC.

z

CA (Certificate Authority) issues certificate to AC. The common name of CA is new-ca.

In this configuration example, Windows Server serves as CA and you need to install Simple Certificate
Enrollment Protocol (SCEP) component.

Network diagram

Figure 67-1

Network diagram for HTTPS configuration

Vlan-int2

10.1.1.1/24

Vlan-int3
10.1.2.1/24

Host

CA

10.1.1.2/24

10.1.2.2/24

AC

Configuration procedure

Perform the following configurations on AC:

1) Apply for a certificate for AC

# Configure a PKI entity.

<AC> system-view

[AC] pki entity en

[AC-pki-entity-en] common-name http-server1

[AC-pki-entity-en] fqdn ssl.security.com

[AC-pki-entity-en] quit

# Configure a PKI domain.

[AC] pki domain 1

[AC-pki-domain-1] ca identifier ca1

[AC-pki-domain-1] certificate request url http://10.1.2.2:8080/certsrv/mscep/mscep.dll

[AC-pki-domain-1] certificate request from ra