Creating a self- signed certificate, Creating a self-signed certificate – Allied Telesis AT-S60 User Manual

Chapter 21: Web Server Commands

238

Example

The following command disables the HTTP server:

disable http server

The following command configures the switch as an HTTPS server with a
key ID of 5:

set http server security=enabled sslkey=5

Creating a Self-

Signed

Certificate

This section provides a procedure to configure the switch as a web
server using a self-signed certificate. It is followed by an example.

For detailed information about the AT-S60 security features, see
Section III: Security Features in the AT-S60 Software Management
User’s Guide.

To create self-signed certificate, perform the following procedure. This
procedure lists the commands you need to enter and a cross reference
to the commands.

1. Set the date and time for the switch. You can do this manually using

SET DATE on page 64 and SET TIME on page 66. Or, you can
configure the switch to obtain the date and time from an SNTP server
using ADD SNTPSERVER IPADDRESS on page 59.

2. Assign a distinguished name to the switch using SET SYSTEM

DISTINGUISHEDNAME on page 261.

3. Create an encryption key pair using CREATE ENCO KEY on page 243.

4. Create a self-signed certificate using CREATE PKI CERTIFICATE on

page 252.

5. Add the self-signed certificate to the certificate database using ADD

PKI CERTIFICATE on page 250.

6. Disable the switch’s web server using DISABLE HTTP SERVER on

page 234.

7. Configure the web server using SET HTTP SERVER on page 237.

8. Activate the web server using ENABLE HTTP SERVER on page 235.