Associating the https service with an acl, Displaying and maintaining https – H3C Technologies H3C S3600 Series Switches User Manual

1-3

Associating the HTTPS Service with a Certificate Attribute Access
Control Policy

Associating the HTTPS service with a configured certificate access control policy helps control the

access right of the client, thus providing the device with enhanced security.

Follow these steps to associate the HTTPS service with a certificate attribute access control policy:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Associate the HTTPS service
with a certificate attribute
access control policy

ip https certificate
access-control-policy
policy-name

Required

Not associated by default.

z

If the ip https certificate access-control-policy command is executed repeatedly, the HTTPS

server is only associated with the last specified certificate attribute access control policy.

z

If the HTTPS service is associated with a certificate attribute access control policy, the

client-verify enable command must be configured in the SSL server policy. Otherwise, the client

cannot log onto the device.

z

If the HTTPS service is associated with a certificate attribute access control policy, the latter must

contain at least one permit rule. Otherwise, no HTTPS client can log onto the device.

Associating the HTTPS Service with an ACL

Associating the HTTPS service with an ACL can filter out requests from some clients to let pass only

clients that pass the ACL filtering.

Follow these steps to associate the HTTPS service with an ACL:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Associate the HTTPS service
with an ACL

ip https acl acl-number

Required

Not associated by default.

Displaying and Maintaining HTTPS

To do…

Use the command…

Remarks

Display information about
HTTPS

display ip https

Available in any view