Configuring The Secure Http Client - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
Information About Secure Socket Layer HTTP
Configuring the Secure HTTP Client
Beginning in privileged EXEC mode, follow these steps to configure a secure HTTP client:
Before You Begin
The standard HTTP client and secure HTTP client are always enabled. A certificate authority is required for
secure HTTP client certification. This procedure assumes that you have previously configured a CA trustpoint
on the switch. If a CA trustpoint is not configured and the remote HTTPS server requires client authentication,
connections to the secure HTTP client fail.
SUMMARY STEPS
1. configure terminal
2. ip http client secure-trustpoint name
3. ip http client secure-ciphersuite {[3des-ede-cbc-sha] [rc4-128-md5] [rc4-128-sha] [des-cbc-sha]}
4. end
DETAILED STEPS
Command or Action
Step 1
configure terminal
Example:
Switch# configure terminal
Step 2
ip http client secure-trustpoint name
Example:
Switch(config)# ip http client
secure-trustpoint your_trustpoint
Step 3
ip http client secure-ciphersuite
{[3des-ede-cbc-sha] [rc4-128-md5]
[rc4-128-sha] [des-cbc-sha]}
Example:
Switch(config)# ip http client
secure-ciphersuite rc4-128-md5
Step 4
end
Example:
Switch(config)# end
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1134
Purpose
Enters the global configuration mode.
(Optional) Specifies the CA trustpoint to be used if the remote HTTP
server requests client authentication. Using this command assumes
that you have already configured a CA trustpoint by using the
previous procedure. The command is optional if client authentication
is not needed or if a primary trustpoint has been configured.
(Optional) Specifies the CipherSuites (encryption algorithms) to be
used for encryption over the HTTPS connection. If you do not have
a reason to specify a particular CipherSuite, you should allow the
server and client to negotiate a CipherSuite that they both support.
This is the default.
Returns to privileged EXEC mode.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
