Configure HTTPS Access to the RESTCONF Server

About this task

By default, the RESTCONF server uses HTTP. If you need to use HTTPS, generate a certificate file and transfer the certificate file to the /intflash directory on the switch.

For more information on generating certificate files, see Manage an SSL Certificate.

Before you begin

Ensure that you have the certificate file in the /intflash directory on the switch.

Procedure

  1. Enter Application Configuration mode:

    enable

    configure terminal

    application

  2. If RESTCONF is enabled, disable RESTCONF:

    no restconf enable

  3. Install the certificate file for the RESTCONF server:

    restconf install-cert-file WORD<1-128>

  4. Enable HTTPS:

    restconf tls

  5. Enable RESTCONF:

    restconf enable

Example

Switch:1>enable
Switch:1# configure terminal
Enter configuration commands, one per line. End with CTRL/Z.
Switch:1(config)#application
Switch:1(config-app)#no restconf enable
Switch:1(config-app)#restconf install-cert-file /intflash/.cert/restconf-cert.pem
Switch:1(config-app)#restconf tls
Switch:1(config-app)#restconf enable

Variable Definitions

The following table defines parameters for the restconf command.

Variable

Value

enable

Enables the RESTCONF Server.

install-cert-file WORD<1-128>

Installs the certificate file for the RESTCONF server.

tcp-port <1-49151>

Set RESTCONF Server TCP port number.

tls

Enables TLS for the RESTCONF server. The default is disabled.

trap-notification

Enables trap notification.