Configuring https login – H3C Technologies H3C SecPath F1000-E User Manual

37

Step Command

Remarks

3.

Configure the HTTP service

port number.

ip http port port-number

Optional.
80 by default.
If you execute the command

multiple times, the last one takes
effect.

4.

Associate the HTTP service
with an ACL.

ip http acl acl-number

Optional.
By default, the HTTP service is not
associated with any ACL.
Associating the HTTP service with
an ACL enables the device to allow

only clients permitted by the ACL to

access the device.

5.

Create a local user and enter
local user view.

local-user user-name

By default, no local user is
configured.

6.

Configure a password for the
local user.

password { cipher | simple }
password

By default, no password is
configured for the local user.

7.

Specify the command level of
the local user.

authorization-attribute level level

No command level is configured
for the local user.

8.

Specify the Telnet service type
for the local user.

service-type web

By default, no service type is
configured for the local user.

9.

Exit to system view.

quit

N/A

10.

Enter management interface

view.

interface interface-type
interface-number

N/A

11.

Assign an IP address to the
interface.

ip address ip-address { mask |
mask-length }

By default, the IP address of the
management interface is

192.168.0.1/24.

Configuring HTTPS login

HTTPS is not supported in FIPS mode.
To configure HTTPS login:

Step Command

Remarks

1.

Enter system view.

system-view N/A

2.

Associate the HTTPS service
with an SSL server policy.

ip https
ssl-server-policy

policy-name

By default, the HTTPS service is not associated
with any SSL server policy.
If you disable the HTTPS service, the system
automatically de-associates the HTTPS service

from the SSL service policy. Before re-enabling

the HTTPS service, associate the HTTPS service

with an SSL server policy first.
Any changes to the SSL server policy
associated with the HTTP service that is

enabled do not take effect.