Cisco Systems IE 2000 Switch User Manual


  Open as PDF
of 924
 
12-44
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 12 Configuring Switch-Based Authentication
Monitoring and Maintaining Switch-Based Authentication
Configuring the Secure HTTP Client
Before You Begin
The standard HTTP client and secure HTTP client are always enabled. A certificate authority is required
for secure HTTP client certification. This procedure assumes that you have previously configured a CA
trustpoint on the switch. If a CA trustpoint is not configured and the remote HTTPS server requires client
authentication, connections to the secure HTTP client fail.
Monitoring and Maintaining Switch-Based Authentication
Step 12
end Returns to privileged EXEC mode.
Step 13
show ip http server secure status Displays the status of the HTTP secure server to verify the configuration.
Command Purpose
Command Purpose
Step 1
configure terminal Enters global configuration mode.
Step 2
ip http client secure-trustpoint name (Optional) Specifies the CA trustpoint to be used if the remote HTTP
server requests client authentication. Using this command assumes that
you have already configured a CA trustpoint by using the previous
procedure. The command is optional if client authentication is not needed
or if a primary trustpoint has been configured.
Step 3
ip http client secure-ciphersuite
{[3des-ede-cbc-sha] [rc4-128-md5]
[rc4-128-sha] [des-cbc-sha]}
(Optional) Specifies the CipherSuites (encryption algorithms) to be used
for encryption over the HTTPS connection. If you do not have a reason to
specify a particular CipherSuite, you should allow the server and client to
negotiate a CipherSuite that they both support. This is the default.
Step 4
end Returns to privileged EXEC mode.
Step 5
show ip http client secure status Displays the status of the HTTP secure server to verify the configuration.
Step 6
copy running-config startup-config (Optional) Saves your entries in the configuration file.
Command Purpose
show running-config Verifies your configured entries.
copy running-config startup-config Saves your entries in the configuration file.
show tacacs Displays the TACACS+ server statistics.
debug radius Displays the information associated with RADIUS.
debug aaa coa Displays the debug information for CoA processing.
debug cmdhd Displays the debug information for the command handler.
show aaa attributes protocol radius Displays the RADIUS attributes.
show ip ssh Displays the version and configuration information for the
SSH server.
show ssh Displays the status of the SSH server.
 previous next