Server certificate authentication with user password authentication

This is a subset of full certificate authentication of the user and host, only available when the switch has SSL enabled. As in Switch/user authentication, the switch authenticates itself to SSL-enabled web browser, creating a secure SSL/TLS connection. Users on SSL browser then authenticate themselves to the switch - operator and manager levels - by providing passwords stored locally on the switch or on a TACACS+ or RADIUS server. However, the client does not use a certificate to authenticate itself to the switch.

Figure 221: Switch/user authentication