User's Manual 868 Document #: LTRT-89730
Mediant 3000
58.4.2 HTTPS Parameters
The Secure Hypertext Transport Protocol (HTTPS) parameters are described in the table
below.
Table 58-25: HTTPS Parameters
Parameter Description
Secured Web
Connection (HTTPS)
[HTTPSOnly]
Determines the protocol used to access the Web interface.
 [0] HTTP and HTTPS (default).
 [1] HTTPs Only = Unencrypted HTTP packets are blocked.
Note: For the parameter to take effect, a device reset is required.
[HTTPSPort]
Defines the local Secured HTTPS port of the device. The parameter
allows secure remote device Web management from the LAN. To enable
secure Web management from the LAN, configure the desired port.
The valid range is 1 to 65535 (other restrictions may apply within this
range). The default port is 443.
Note: For the parameter to take effect, a device reset is required.
HTTPS Cipher String
[HTTPSCipherString]
Defines the Cipher string for HTTPS (in OpenSSL cipher list format). For
the valid range values, refer to URL
http://www.openssl.org/docs/apps/ciphers.html.
The default is ‘RC4:EXP’ (Export encryption algorithms). For example,
use ‘ALL’ for all ciphers suites (e.g., for ARIA encryption for TLS). The
only ciphers available are RC4 and DES, and the cipher bit strength is
limited to 56 bits.
Notes:
 For the parameter to take effect, a device reset is required.
 If the installed Software License Key includes the Strong Encryption
feature, the default of the parameter is changed to ‘RC4:EXP’,
enabling RC-128bit encryption.
 The value ‘ALL’ can be configured only if the installed Software
License Key includes the Strong Encryption feature.
Requires Client
Certificates for HTTPS
connection
[HTTPSRequireClientCer
tificate]
Enables the requirement of client certificates for HTTPS connection.
 [0] Disable = (Default) Client certificates are not required.
 [1] Enable = Client certificates are required. The client certificate must
be preloaded to the device and its matching private key must be
installed on the managing PC. Time and date must be correctly set on
the device for the client certificate to be verified.
Notes:
 For the parameter to take effect, a device reset is required.
 For a description on implementing client certificates, see ''TLS for
Remote Device Management'' on page 134.
[HTTPSRootFileName] Defines the name of the HTTPS trusted root certificate file to be loaded
using TFTP. The file must be in base64-
encoded PEM (Privacy Enhanced
Mail) format.
The valid range is a 47-character string.
Note: The parameter is applicable only when the device is loaded using
BootP/TFTP.
[HTTPSPkeyFileName] Defines the name of a private key file (in unencrypted PEM format) to be
loaded from the TFTP server.
To Next Page
Loading...
Need help?
General
