9-4
Security
Secure Connection
■ Uploaded certificates can also be self-signed (by a server other than the switch), or they can be root
certificates. A root certificate has been digitally signed by a CA, and is therefore considered to provide
a higher level of security.
You can also upload the encryption parameter files that provide algorithms for encrypting the key exchanges.
To display the Secure HTTP Configuration page, click Security > Secure Connection in the navigation pane.
Figure 9-2. Secure HTTP Configuration
Table 9-2. Secure HTTP Configuration Fields
Note Upload or regenerate a certificate when the previous certificate has expired, or when you have reason to suspect
that security has been breached and the certificate has been taken for use by another server.
■ If you click , the Upload Certificates page displays. See “Uploading SSL Certificates and Encryption
Files” on page 9-5.
■ If you click , the switch creates its own self-signed public key certificate. The status of the process
displays in the Status field.
■ If the value of the Certificate Status field is Present, you can click to delete the existing certificate.
■ If you enable or disable HTTPS Admin Mode, or change the timeout settings, click Apply to save the
changes for the current boot session. The changes take effect immediately.
Field Description
HTTP Admin Mode Enable the Administrative mode of HTTP. This feature is enabled by default and can
only be disabled when the HTTPS Admin mode is enabled.
HTTPS Admin Mode Enable to allow secure HTTPS sessions. When enabled, ensure that the Certificate
Status field reflects that a certificate is present. This feature is disabled by default.
Note that you can only upload SSL certificates when this mode is disabled.
HTTPS Session Soft Time Out The number of minutes after which an HTTPS session times-out if there is no user
activity. The default value is 5 minutes.
HTTPS Session Hard Time
Out
The number of minutes after which an HTTPS session times-out, regardless of recent
user activity. The default value is 24 hours.
Certificate Status The status of the SSL certificate generation process:
Present—A certificate is available for use with HTTPS sessions.
Absent—No certificate is available on the switch. This is the default value.
Generation in Progress—An SSL certificate is currently being generated.
To Next Page
Need help?
General