Information About the HTTP Server
An HTTP server, which can be turned off from the CLI to address security concerns, is embedded in the Virtual Supervisor Module (VSM).
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
An HTTP server, which can be turned off from the CLI to address security concerns, is embedded in the Virtual Supervisor Module (VSM).
The HTTP server is enabled by default.
The HTTP server must be enabled in order to get the Cisco Nexus 1000VE XML plugin from the VSM.
Ensure that feature http-server is enabled.
Ensure that vnm-pa is uninstalled and nsmgr is disabled.
Command or Action | Purpose | |
---|---|---|
Step 1 |
switch# configure terminal |
Enters global configuration mode. |
Step 2 |
switch# http-server no https |
Disables the HTTPS service. |
Step 3 |
(Optional) switch(config)# show http-server |
(Optional)
Displays the HTTP server configuration. |
Step 4 |
(Optional) switch(config)# Show feature |
(Optional)
Displays the state (enabled or disabled) of each available feature. |
switch# configure terminal
switch(config)# http-server no https
httpd: no process killed
switch(config)# show http-server
http-server enabled
http protocol enabled
https protocol disabled
switch(config)# show feature
Feature Name Instance State
----------------------------- -------- --------
http-server 1 enabled
.
.
.
switch(config)#
Ensure that feature http-server is enabled.
Command or Action | Purpose | |
---|---|---|
Step 1 |
switch# configure terminal |
Enters global configuration mode. |
Step 2 |
switch# http-server no http |
Disables the HTTP service. |
Step 3 |
(Optional) switch(config)# show http-server |
(Optional)
Displays the HTTP server configuration. |
Step 4 |
(Optional) switch(config)# Show feature |
(Optional)
Displays the state (enabled or disabled) of each available feature. |
switch# configure terminal
switch(config)# http-server no http
httpd: no process killed
switch(config)# show http-server
http-server enabled
http protocol disabled
https protocol enabled
switch(config)# show feature
Feature Name Instance State
----------------------------- -------- --------
http-server 1 enabled
.
.
.
switch(config)#
Certificates are sent to the browser or server and contain public keys needed to begin a secure session.
To install an HTTP-server certificate, use the install http-certificate command.
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
switch# configure terminal |
Enters global configuration mode. |
||
Step 2 |
switch# install http-certificate {bootflash: [// server/] | default} |
Installs the certificate where {bootflash: [// server/] specifies the source or destination URL for boot flash memory. To regenerate an expired default certificate, use the install http-certificate default command.
|
This example shows how to install an HTTP certificate to the boot flash memory:
switch# configure terminal
switch(config-svs-conn)# install http-certificate bootflash:new.crt
To install a certificate for SVS-connection, use the install certificate command.
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
switch# configure terminal |
Enters global configuration mode. |
||
Step 2 |
switch(config)# svs connection vcenter |
Establishes vCenter connection. |
||
Step 3 |
switch(config-svs-conn)# install certificate {bootflash: [// server/] | default} |
Installs the certificate where {bootflash: [// server/] specifies the source or destination URL for boot flash memory.
|
This example shows how to install a certificate to the boot flash memory:
switch# configure terminal
switch(config)# svs connection vcenter
switch(config-svs-conn)# install certificate bootflash:new.crt