No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Configuration Guide - Network Management and Monitoring

CloudEngine 8800, 7800, 6800, and 5800 V200R005C10

This document describes the configurations of Network Management and Monitoring, including SNMP, RMON, NETCONF, OpenFlow, LLDP, NQA, Mirroring, Packet Capture, Packet Trace, Path and Connectivity Detection Configuration, NetStream, sFlow, and iPCA.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring an HTTP Server

Configuring an HTTP Server

This section describes how to load an SSL policy on an HTTP server and how to enable an HTTP server to perform verification on clients.


HTTP is an application-layer protocol that transports hypertext from WWW servers to local browsers. HTTP uses the client/server model in which requests and replies are exchanged.

HTTP has a security risk, and HTTPS is thereby recommended.

HTTPS is secure HTTP that uses SSL's sound security mechanism to authenticate users and encrypt data exchanged between a client and a server, thereby improving the transmission security of HTTP.

A RESTCONF client and a RESTCONF server communicate using HTTP or HTTPS.

A RESTCONF client encapsulates a request in HTTP format and sends it to a RESTCONF server. Upon receiving the request, an HTTP server converts the request into a CAMLCSI message and sends the message to the RESTCONF server. The RESTCONF server parses and processes the request message, and sends a response packet to the HTTP server. The HTTP server encapsulates the response packet in HTTP format and sends it to the RESTCONF server.


  1. Run system-view

    The system view is displayed.

  2. Run aaa

    The AAA view is displayed.

  3. Run local-user user-name password [ cipher password | irreversible-cipher irreversible-cipher-password ]

    A local user name and a password are set.

  4. Run local-user user-name service-type service-type

    The access type of the local user is set.

  5. Run local-user user-name level level

    The level for a local user is set.


    The user level needs to be configured at management-level (level 3 or 15).

  6. Run quit

    Exit the AAA view.

  7. Run ssh authentication-type default password

    The password authentication is set for ssh user.

  8. Run http

    The HTTP view is displayed.

  9. Run service restconf

    The Service-Restconf view is displayed.

    By default, the Service-Restconf view is not created.

  10. Enable HTTP or HTTPS.

    To enable HTTPS, perform the following operations.

    1. Run the secure-server enable command to enable the HTTPS listening function.

      By default, the HTTPS listening function is disabled.

    2. (Optional) Run the secure-server port port-number command to configure an HTTPS service listening port.

      By default, HTTPS service listening uses port 443.

    3. Run the ssl-policy policy-name command to configure an SSL policy for an HTTP server.

      By default, no SSL policy is configured.

      The following configurations must have been complete before you run the ssl-policy command.
      1. An SSL policy has been created and the SSL policy view is displayed using the ssl policy policy-name command in the system view.

      2. A digital certificate or certificate chain has been loaded using the certificate load command in the SSL policy view.

      3. The HTTPS listening function has been enabled using the secure-server enable command in the Service-Restconf view.

    4. Run the ssl-verify peer command to configure an HTTP server to perform SSL verification on HTTP clients.

      By default, an HTTP server does not perform SSL verification on HTTP clients.

    To enable HTTP, perform the following operations.

    1. Run the server enable command to enable the HTTP listening function.

      By default, the HTTP listening function is disabled.

    2. (Optional) Run the server port port-number command to configure an HTTP service listening port.

      By default, HTTP service listening uses port 80.

  11. (Optional) Run acl { acl-name | acl-number }

    An HTTP ACL is configured.

    By default, no HTTP ACL is configured.

  12. (Optional) Run idle-timeout minutes

    A timeout period is configured for an idle HTTP connection.

    By default, the timeout period of an idle HTTP connection is 20 minutes.

  13. Run commit

    The configuration is committed.

Updated: 2019-04-20

Document ID: EDOC1100075365

Views: 42067

Downloads: 129

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next