Configuring Secure Socket Layer (SSL)
Prerequisite for Using SSL
Prerequisite for Using SSL
Before using the switch as an SSL server, you must install a publicly or
commercially available SSL enabled web browser application on the com-
puter(s) you use for management access to the switch.
Steps for Configuring and Using SSL for
Switch and Client Authentication
The general steps for configuring SSL include:
A. Client Preparation
1. Install an SSL capable browser application on a management station
you want to use for access to the switch. (Refer to the documentation
provided with your browser.)
Note: The latest versions of Microsoft Internet Explorer and Netscape web browser
support SSL and TLS functionality. See browser documentation for additional
details
B. Switch Preparation
1. Assign a login (Operator) and enable (Manager) password on the
switch. (page 8-7)
2. Generate a host certificate on the switch. (page 8-8)
i. Generate certificate key pair
ii. Generate host certificate
You need to do this only once. The switch's own public/private
certificate key pair and certificate are stored in the switch's flash
memory and are not affected by reboots or the erase startup-config
command. (You can remove or replace this certificate, if necessary.)
The certificate key pair and the SSH key pair are independent of each
other, which means a switch can have two keys pairs stored in flash.
3. Enable SSL on the switch. (page 8-17)
8-5
