No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR500, AR510, and AR530 V200R007 Commands Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
HTTPS Configuration Commands

HTTPS Configuration Commands

http secure-client ssl-policy

Function

The http secure-client ssl-policy command associates a client SSL policy to an HTTPS client.

The undo http secure-client ssl-policy command disassociates a client SSL policy from an HTTPS client.

By default, an HTTPS client is not associated with any client SSL policy.

Format

http secure-client ssl-policy policy-name

undo http secure-client ssl-policy

Parameters

Message

Description

Value

policy-name

Specifies the name of the client SSL policy to be associated with an HTTPS client.

The value is a string of 1 to 31 case-sensitive characters without spaces or question mark (?).

Views

System view

Level

3: Management level

Usage Guidelines

Use Scenario

When the web proxy service is configured on the device, if the web server only provides HTTPS service, this command is mandatory. The device functioning as the HTTPS client can use the data encryption, identity authentication, and message integrity check mechanisms provided by the SSL protocol to securely transmit data with the web server.

Prerequisites

A client SSL policy has been created using the ssl policy command.

Example

# Associate the client SSL policy users to the HTTPS client.

<Huawei> system-view
[Huawei] http secure-client ssl-policy users
Related Topics

http secure-server enable

Function

The http secure-server enable command enables the HTTPS server function on the device.

The undo http secure-server enable command disables the HTTPS server function on the device.

By default, the HTTPS server function is enabled on the device.

Format

http secure-server enable

undo http secure-server enable

Parameters

None

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

When users use the web page to access a remote device functioning as an HTTP server, the following problems exist:

  • Users cannot authenticate the device.
  • Privacy and integrity of data transmitted between users and the device cannot be ensured.

This command enables the device to function as an HTTPS server. The device uses the SSL protocol's data encryption, identity authentication, and message integrity check mechanisms to protect security of data transmitted between users and the device. These mechanisms ensure that users securely access a remote device on web pages.

Precautions

An SSL policy must have been associated with the HTTPS server using the http secure-server ssl-policy command. Otherwise, the http secure-server ssl-policy command does not take effect.

Example

# Enable the HTTPS server function on the device.

<Huawei> system-view
[Huawei] http secure-server enable

http secure-server ssl-policy

Function

The http secure-server ssl-policy command applies a server SSL policy to the HTTPS service.

The undo http secure-server ssl-policy command cancels the configuration.

By default, the server SSL policy applied to the HTTPS service on the device is default_policy.

Format

http secure-server ssl-policy policy-name

undo http secure-server ssl-policy

Parameters

Parameter

Description

Value

policy-name

Specifies the name of a server SSL policy.

The value is a string of 1 to 31 case-sensitive characters. It cannot contain any space or question mark (?).

Views

System view

Level

3: Management level

Usage Guidelines

Usage Scenario

This command applies a server SSL policy to the HTTPS service. The device functioning as the HTTPS server uses the SSL protocol's data encryption, identity authentication, and message integrity check mechanisms to ensure the security of data transmitted between users and the device.

Prerequisites

A server SSL policy has been created using the ssl policy command.

Precautions

After the HTTPS server function is enabled using the http secure-server enable command, you cannot change or delete the server SSL policy associated with the HTTPS server. Before changing or deleting the server SSL policy associated with the HTTPS server, run the undo http secure-server enable command to disable the HTTPS server function.

Example

# Apply a server SSL policy to the HTTPS service.

<Huawei> system-view
[Huawei] http secure-server ssl-policy users

http secure-server port

Function

Using the http secure-server port command, you can set the port number for the HTTPS service.

Using the undo http secure-server port command, you can restore the default port number of the HTTPS service.

By default, the port number of the HTTPS service is 443.

Format

http secure-server port port-number

undo http secure-server port

Parameters

Parameter

Description

Value

port-number

Specifies the port number of the HTTPS service.

The value is an integer that ranges from 1025 to 51200. The default value is 443.

Views

System view

Level

3: Management level

Usage Guidelines

Usage Scenario

By default, the port number of the HTTPS service is 443. Attackers may use the default port to attack an HTTPS server, reducing the bandwidth and deteriorating the performance of the HTTPS server. As a result, authorized users cannot access the HTTPS server.

This command allows you to set another port number for the HTTPS service to avoid such attacks.

Precautions

Changing the port number of the HTTPS service forces all online users to go offline. Therefore, exercise caution when performing this operation.

Example

# Set the port number of the HTTPS service to 1278.

<Huawei> system-view
[Huawei] http secure-server port 1278
Translation
Download
Updated: 2019-05-29

Document ID: EDOC1000097293

Views: 90197

Downloads: 124

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next