Dell FCX624-E Laptop User Manual


  Open as PDF
of 1494
 
1162 PowerConnect B-Series FCX Configuration Guide
53-1002266-01
Configuring SSL security for the Web Management Interface
32
PowerConnect(config)#web-management https
Syntax: [no] web-management http | https
You can enable either the HTTP or HTTPs servers with this command. You can disable both the
HTTP and HTTPs servers by entering the following command.
PowerConnect(config)#no web-management
Syntax: no web-management
Specifying a port for SSL communication
By default, SSL protocol exchanges occur on TCP port 443. You can optionally change the port
number used for SSL communication.
For example, the following command causes the device to use TCP port 334 for SSL
communication.
PowerConnect(config)#ip ssl port 334
Syntax: [no] ip ssl port <port-number>
The default port for SSL communication is 443.
Changing the SSL server certificate key size
The default key size for Dell-issued and imported digital certificates is 1024 bits. If desired, you can
change the default key size to a value between 512 and 4096 bits. To do so, enter a command
such as the following at the Global CONFIG level of the CLI.
PowerConnect(config)#ip ssl cert-key-size 3000
Syntax: ip ssl cert-key-size <512 – 4096>
NOTE
The SSL server certificate key size applies to digital certificates issued by Dell, as well as imported
certificates.
Support for SSL digital certificates larger than 2048 bytes
Dell PowerConnect devices have the ability to store and retrieve SSL digital certificates that are up
to 4000 bytes in size. Earlier releases support SSL certificates not larger than 2048 bytes.
Support for SSL certificates larger than 2048 bytes is automatically enabled. You do not need to
perform any configuration procedures to enable it.
Importing digital certificates and RSA private key files
To allow a client to communicate with other Dell PowerConnect device using an SSL connection,
you configure a set of digital certificates and RSA public-private key pairs on the device. A digital
certificate is used for identifying the connecting client to the server. It contains information about
the issuing Certificate Authority, as well as a public key. You can either import digital certificates
and private keys from a server, or you can allow the Dell PowerConnect device to create them.