I'm running a Catalyst 3850 as an edge device. I have it secured fairly well except for I noticed that I don't have an ACL for HTTPS. I know that on HTTP, which I disabled that there is a command "ip http access-class" that allows you to limit it HTTP to specific ips through an ACL. I can't seem to find an equivalent for HTTPS though. Replacing HTTP with HTTPS or http secure-server just gets an error. Am I missing something or is HTTPS basically something you either can have on or off? I occasionally get bots that deluge it with traffic to the point that it shows up in the logs. I don't really use HTTPS much so it wouldn't bother me much to turn it off, but if I could just apply an ACL like I do for SNMP I could leave it turned on for approved internal networks.