Secure Connection
71
Upload or regenerate a certificate when the previous certificate has expired, or when you have reason
to suspect that security has been breached and the certificate has been taken for use by another
server.
If you click
, the Upload Certificates page displays. See
“Uploading SSL Certificates and
Encryption Files” on page 71
.
If you click
, the switch creates its own self-signed public key certificate. The status of the pro-
cess displays in the
Status
field.
If the value of the
Certificate Status
field is
Present
, you can click
to delete the existing certif-
icate.
If you enable or disable HTTPS Admin Mode, or change the timeout settings, click
Apply
to save
the changes for the current boot session. The changes take effect immediately but are not
retained across a switch reset unless you click
Save Configuration
.
Uploading SSL Certificates and Encryption Files
You can upload a public key certificate that has been signed by another server, or a root certificate that
has been signed by a certificate authority. You can also upload Diffie-Hellman (DH) encryption param-
eter files, which establish the algorithms for encrypting key exchanges.
Before you upload a file to the switch, the following conditions must be met:
The file is on the server in the appropriate directory.
The file is in the correct format.
The switch has a path to the server.
Use the following procedure to upload an SSL certificate or DH files to the switch.
1.
If enabled, set the
HTTPS Admin Mode
to
Disabled
.
2.
Click .
The Upload Certificates page displays.
HTTPS Session Hard Time
Out
The number of minutes after which an HTTPS session times-out, regardless of recent user
activity. The default value is 24 hours.
Certificate Status
The status of the SSL certificate generation process:
Present
—A certificate is available for use with HTTPS sessions.
Absent
—No certificate is available on the switch. This is the default value.
Generation in Progress
—An SSL certificate is currently being generated.
Field
Description
