1. Go to H3C Firewall -> SSL -> SSL Server Policies to create a new Policy e.g. "abc_2024-2026"
2. Create a PKI Domain for new cert installation
3. Go to PKI -> Certificate -> Import 2 CA cert and 1 local cert
CA to provide TWO CA cert (.cer) (When install second CA, just ignore the cert will be replace warning) and One local cert (.pfx) (RSA 2048) (This local cert need to includ private key and also ignore the cert will be replace warning)
4. SSH to the firewall
> show current-configuration (Enable logging on putty before run this command)
> system-view ] undo ip https enable
] ip https ssl-server-policy <New Policy Name which is you create at step1>
] ip https enable
] save force
] exit
>
No comments:
Post a Comment