Allied Telesis AT-8100 Series User Manual

Chapter 94: Secure HTTPS Web Browser Server

1456

At this point, the switch, if it has a management IP address, is ready for
remote management with a web browser application. To start a
management session, enter the IP address of the switch in the URL field
of your web browser, being sure to include the prefix “https://”.

Here is an example of how to create a self-signed certificate and how to
configure the HTTPS web browser server for the certificate. The
specifications of the certificate are listed here:



ID number: 2



Key length: 1280



Passphrase: trailtree



Common name: 167.214.121.45 (This is the IP address of the
switch.)



Organizational unit: Sales



Organization: Jones_Industries



Location: San_Jose



State: California



Country: US



Duration: 365 days

awplus> enable

Enter the Privileged Exec mode
from the User Exec mode.

awplus# configure terminal

Enter the Global Configuration
mode.

awplus(config)# crypto certificate 2 generate
1280 trailtree 167.214.121.45 Sales
Jones_Industries San_Jose California US 365

Create the self-signed certificate
with “CRYPTO CERTIFICATE
GENERATE” on page 1467.

Here is what the switch displays
as it creates the certificate.

awplus(config)# ip https certificate 2

Designate the new certificate as
the active certificate on the switch
with “IP HTTPS CERTIFICATE” on
page 1474.

awplus(config)# no http server

If the non-secure HTTP web
browser server is enabled on the
unit, disabled it with “NO
SERVICE HTTP” on page 1448.

Generating a 1280 bit RSA private key
........................................+++++
..................................+++++
writing new private key to '/cfg/cert2.pem'