Web Server Commands

This chapter contains the following sections:

ip https certificate

To configure the active certificate for HTTPS, use the ip https certificate Global Configuration mode command. To restore the default configuration, use the no form of this command.

Syntax

ip https certificate number

no ip https certificate

Parameters

number—Specifies the certificate number. (Range: 1–2)

Default Configuration

The default certificate number is 1.

Command Mode

Global Configuration mode

Example

The following example configures the active certificate for HTTPS.

switchxxxxxx(config)# ip https certificate 2

ip https logging

To enable or disable the logging of HTTPS session setup and tear down, use the ip https logging command in Global Configuration mode. To restore the default setting, use the no form of this command.

Syntax

ip https logging {enable| disable}

no ip https logging

Parameters

  • enable — Enables HTTPS logging on device

  • disable — disables HTTPS logging on device

Default Configuration

HTTPS session logging is disabled by default.

Command Mode

Global Configuration mode.

User Guidelines

This command enables HTTPS logging on the device. HTTPS logging is a mean to track the progress of HTTPS session setup and tear-down. HTTPS session setup and tear-down progress is tracked using SYSLOG message which are generated as part of the process. If HTTPS logging is disabled then SYSLOG messages will not be generated as part of the SSH setup or tear-down process.

Example

The following example enables HTTPS logging on the device.

switchxxxxxx(config)# ip https logging enable

ip http port

To specify the TCP port used by the web browser interface, use the ip http port Global Configuration mode command. To restore the default configuration, use the no form of this command.

Syntax

ip http port port-number

no ip http port

Parameters

port port-number—For use by the HTTP server. (Range: 1–59999)

Default Configuration

The default port number is 80.

Command Mode

Global Configuration mode

Example

The following example configures the http port number as 100.

switchxxxxxx(config)# ip http port 100

ip http server

To enable configuring and monitoring the device from a web browser, use the ip http server Global Configuration mode command. To disable this function, use the no form of this command.

Syntax

ip http server

no ip http server

Parameters

This command has no arguments or keywords.

Default Configuration

HTTP server is enabled.

Command Mode

Global Configuration mode

Example

The following example enables configuring the device from a web browser.

switchxxxxxx(config)# ip http server

ip http secure-server

To enable the device to be configured or monitored securely from a browser, use the ip http secure-server Global Configuration mode command. To disable this function, use the no form of this command.

Syntax

ip http secure-server

no ip http secure-server

Parameters

This command has no arguments or keywords.

Default Configuration

Enabled

Command Mode

Global Configuration mode

Example

switchxxxxxx(config)# ip http secure-server

ip http timeout-policy

To set the interval for the system to wait for user input in http/https sessions before automatic logoff, use the ip http timeout-policy Global Configuration mode command. To return to the default value, use the no form of this command.

Syntax

ip http timeout-policy idle-seconds [{http-only | https-only}]

no ip http timeout-policy

Parameters

  • idle-seconds—Specifies the maximum number of seconds that a connection is kept open if no data is received or response data cannot be sent out. (Range: 0–86400)

  • http-only—(Optional) The timeout is specified only for http

  • https-only—(Optional) The timeout is specified only for https

Default Configuration

600 seconds. setting is applied for both HTTP and HTTPS

Command Mode

Global Configuration mode

User Guidelines

To specify no timeout, enter the ip http timeout-policy 0 command.

Example

The following example configures the http timeout to be 1000 seconds.

switchxxxxxx(config)# ip http timeout-policy 1000

show ip http

To display the HTTP server configuration, use the show ip http Privileged EXEC mode command.

Syntax

show ip http

Parameters

This command has no arguments or keywords.

Command Mode

Privileged EXEC mode

Example

The following example displays the HTTP server configuration.

switchxxxxxx# show ip http
HTTP server enabled
Port: 80
Interactive timeout: 10 minutes, 0 seconds

show ip https

To display the HTTPS server configuration, use the show ip https Privileged EXEC mode command.

Syntax

show ip https

Parameters

This command has no arguments or keywords.

Command Mode

Privileged EXEC mode

Example

The following example displays the HTTPS server configuration.

switchxxxxxx# show ip https
HTTPS server enabled
Port: 443
Interactive timeout: Follows the HTTP interactive timeout (10 minutes, 0 seconds)
https session logging is disabled
Certificate 1 is active
Issued by: www.verisign.com
Valid from: 8/9/2003 to 8/9/2004
Subject: CN= router.gm.com, 0= General Motors, C= US
Finger print: DC789788 DC88A988 127897BC BB789788
Certificate 2 is inactive
Issued by: self-signed
Valid from: 8/9/2003 to 8/9/2004
Subject: CN= router.gm.com, 0= General Motors, C= US
Finger print: 1873B936 88DC3411 BC8932EF 782134BA