Filter
Top Products
AT-S63 Management Software Features Guide
Section IX: Management Security 385
Configuring the Web Server for HTTPS
The following sections outline the steps for configuring the web server on
the switch for HTTPS operation with a self-signed or CA certificate. The
steps reference only the command line commands, but the web server can
be configured from the menus interface, too.
General Steps for
a Self-signed
Certificate
These steps configure the web server with a self-signed certificate:
1. Set the switch’s date and time. The date and time are stamped in the
certificate.
2. Create a public and private key pair with the CREATE ENCO KEY
command.
3. Create a self-signed certificate using the public and private key pair
with the CREATE PKI CERTIFICATE command.
4. Add the certificate to the certificate database with the ADD PKI
CERTIFICATE command.
5. Disable the web server with the DISABLE HTTP SERVER command.
6. Activate HTTPS in the web server with the SET HTTP SERVER
command.
7. Enable the web server with the ENABLE HTTP SERVER command.
For an example of this command sequence, refer to the SET HTTP
SERVER command in the AT-S63 Management Software Command Line
Interface User’s Guide.
General Steps for
a Public or
Private CA
Certificate
These steps configure the web server with a public or private CA
certificate.
1. Set the switch’s date and time. The date and time are stamped in the
enrollment request.
2. Create a public and private key pair with the CREATE ENCO KEY
command.
3. Generate an enrollment request with the CREATE PKI
ENROLLMENTREQUEST command.
4. Upload the enrollment request from the switch’s file system with the
UPLOAD METHOD=TFTP or UPLOAD METHOD=XMODEM
command.
5. Submit the enrollment request to a public or private CA.