You can configure the web protocol engine on the cluster to control whether web access is allowed and what SSL versions can be used. You can also display the configuration settings for the web protocol engine.
You can manage the web protocol engine at the cluster level in the following ways:
Data ONTAP supports SSLv3 and SSLv2. By default, SSLv3 is enabled and SSLv2 is disabled. If SSL is configured, Transport Layer Security 1.0 (TLSv1.0) is also enabled and cannot be disabled.
You use the system services web commands to manage the web protocol engine at the cluster level.
If a firewall is enabled, the firewall policy for the logical interface (LIF) to be used for web services must be set up to allow HTTP or HTTPS access.
If you use HTTPS for web service access, SSL for the cluster or Vserver that offers the web service must also be enabled, and you must provide a digital certificate for the cluster or Vserver.