# Device configuration as posted: Comware 5.20 (Feature 5123P36), hostname BGW_security.
# NOTE(review): the listing was published with credential material in it (super/line
# password and NTP key, marked below). Treat those values as exposed and replace them.
version 5.20, Feature 5123P36
#
sysname BGW_security
#
# Local time zone "BJ" is UTC+08:00.
clock timezone BJ add 08:00:00
#
# Password policy: enabled, minimum length 8, 3 character types, 5 failed logins
# before a lock with lock-time 60, and a check of the password against the user name.
# NOTE(review): if type-length means "characters per type", 3 x 4 needs 12 characters,
# which overrides the length 8 floor. Confirm against the command reference.
password-control enable
password-control length 8
password-control composition type-number 3 type-length 4
password-control login-attempt 5 exceed lock-time 60
password-control complexity user-name check
#
# Password for switching to privilege level 3.
# NOTE(review): the "cipher" keyword is an obfuscated storage form, not a one-way hash,
# so it should not appear in a public post. The same string is repeated under
# user-interface con 0 and vty 0 4, which suggests one password shared by all three.
# Rotate it and use distinct values.
super password level 3 cipher OX2X55^%:H*^US3K"<C2<1!!
#
undo voice vlan mac-address 00e0-bb00-0000
#
# "system" is the default ISP domain for users who log in without a domain name.
domain default enable system
#
# Restrict the HTTP service to sources matched by ACL 2000.
# NOTE(review): no "undo ip http enable" appears in this listing. If clear-text HTTP
# is on by default in this release, disable it once HTTPS works.
ip http acl 2000
#
# Application layer gateways are switched off for every protocol listed.
undo alg dns
undo alg rtsp
undo alg h323
undo alg sip
undo alg sqlnet
undo alg pptp
undo alg ils
undo alg nbt
undo alg msn
undo alg qq
undo alg tftp
undo alg sccp
undo alg xdmcp
undo alg rsh
#
# ACL 2000 is the management source filter used by ip http, ip https, the VTY lines
# and both local users. It admits the whole of 192.168.0.0/16.
# NOTE(review): narrow this to the actual management subnet or hosts.
acl number 2000
rule 1 permit source 192.168.0.0 0.0.255.255
#
vlan 1
#
vlan 130
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
# PKI domain referenced by "ssl server-policy default".
# NOTE(review): the domain shows no CA identifier, enrollment settings or certificate,
# and CRL checking is off. If it holds no local certificate, the HTTPS listener has
# nothing to present, which would match the symptom described on this page (HTTPS
# enabled, management page does not open). Check "display pki certificate local domain
# default". Without an online CA, either import a CA and local certificate offline
# with "pki import-certificate", or remove the policy binding ("undo ip https
# ssl-server-policy") so the device uses its self-signed certificate, if this release
# has that fallback. Re-enable the HTTPS service after the change.
pki domain default
crl check disable
#
user-group system
#
# Local account "admin": bound to ACL 2000, allowed over SSH and the console.
# NOTE(review): no authorization level and no password line are shown for this user.
# Neither account lists "service-type web", so web login may be refused even once the
# HTTPS page loads. Confirm.
local-user admin
authorization-attribute acl 2000
service-type ssh terminal
# Local account "audit": privilege level 3, bound to ACL 2000, allowed over SSH,
# the console and portal.
# NOTE(review): level 3 matches the level protected by the super password above.
# If this account is only meant for auditing, a read-only level fits least privilege.
local-user audit
authorization-attribute level 3
authorization-attribute acl 2000
service-type ssh terminal
service-type portal
#
# SSL server policy used by HTTPS. It takes its certificate from PKI domain "default".
ssl server-policy default
pki-domain default
#
interface NULL0
#
# Layer 3 interface for VLAN 130. The default route and the NTP server are on this subnet.
interface Vlan-interface130
ip address 192.168.130.252 255.255.255.0
#
# Routed port carrying 192.168.0.1/24.
interface GigabitEthernet0/0
port link-mode route
ip address 192.168.0.1 255.255.255.0
#
# GigabitEthernet0/3-0/5 are in routed mode with no address configured.
# NOTE(review): shut down unused ports if they are not needed.
interface GigabitEthernet0/3
port link-mode route
#
interface GigabitEthernet0/4
port link-mode route
#
interface GigabitEthernet0/5
port link-mode route
#
# GigabitEthernet0/1 and 0/2 are bridged access ports in VLAN 130.
interface GigabitEthernet0/1
port link-mode bridge
port access vlan 130
#
interface GigabitEthernet0/2
port link-mode bridge
port access vlan 130
#
# Default route via 192.168.130.254.
ip route-static 0.0.0.0 0.0.0.0 192.168.130.254
#
# Local log and trap buffers only.
# NOTE(review): no "info-center loghost" appears in this listing. Forward logs to a
# remote collector so login and configuration events survive a reboot or tampering.
info-center logbuffer size 1024
info-center trapbuffer size 1024
#
# NTP with MD5 authentication: key 99 is trusted and used for server 192.168.130.253.
# NOTE(review): the key value is published here, so replace it on the device and server.
ntp-service authentication enable
ntp-service authentication-keyid 99 authentication-mode md5 +L%+/Q"U&'QF5"6K6S_ZPQ!!
ntp-service reliable authentication-keyid 99
ntp-service unicast-server 192.168.130.253 authentication-keyid 99
#
# SSH server on. Both accounts use Stelnet with password authentication only.
# NOTE(review): "publickey" or "password-publickey" removes reliance on a guessable
# password for remote administration.
ssh server enable
ssh user admin service-type stelnet authentication-type password
ssh user audit service-type stelnet authentication-type password
#
# HTTPS management: limited by ACL 2000, bound to SSL server policy "default", enabled.
# The policy depends on a certificate in PKI domain "default" (see the pki domain section).
ip https acl 2000
ip https ssl-server-policy default
ip https enable
#
load xml-configuration
#
# Console line: AAA (scheme) authentication, idle timeout 5 minutes 0 seconds.
# NOTE(review): under "authentication-mode scheme" the line password below is presumably
# unused. Remove it rather than keep a shared secret in the configuration.
user-interface con 0
authentication-mode scheme
set authentication password cipher OX2X55^%:H*^US3K"<C2<1!!
idle-timeout 5 0
# VTY lines 0-4: sources filtered by ACL 2000, AAA authentication, SSH only.
user-interface vty 0 4
acl 2000 inbound
authentication-mode scheme
set authentication password cipher OX2X55^%:H*^US3K"<C2<1!!
idle-timeout 5 0
protocol inbound ssh
#
return
#
# Second copy of the BGW_security configuration (Comware 5.20, Feature 5123P36) as it
# appears on the page.
# NOTE(review): the super/line password and the NTP key are published in this listing.
# Treat them as exposed and replace them on the device.
version 5.20, Feature 5123P36
#
sysname BGW_security
#
# Local time zone "BJ" is UTC+08:00.
clock timezone BJ add 08:00:00
#
# Password policy: minimum length 8, 3 character types, lock after 5 failed logins.
password-control enable
password-control length 8
password-control composition type-number 3 type-length 4
password-control login-attempt 5 exceed lock-time 60
password-control complexity user-name check
#
# Level 3 super password in "cipher" (obfuscated, not hashed) form.
# NOTE(review): the identical string is set on con 0 and vty 0 4 further down.
# Rotate it and stop reusing one secret across all three.
super password level 3 cipher OX2X55^%:H*^US3K"<C2<1!!
#
undo voice vlan mac-address 00e0-bb00-0000
#
domain default enable system
#
# HTTP restricted to ACL 2000.
# NOTE(review): confirm whether clear-text HTTP is actually enabled, and disable it
# if HTTPS is the intended path.
ip http acl 2000
#
# All listed ALGs are disabled.
undo alg dns
undo alg rtsp
undo alg h323
undo alg sip
undo alg sqlnet
undo alg pptp
undo alg ils
undo alg nbt
undo alg msn
undo alg qq
undo alg tftp
undo alg sccp
undo alg xdmcp
undo alg rsh
#
# Management source filter: permits all of 192.168.0.0/16.
# NOTE(review): tighten this to the management hosts or subnet.
acl number 2000
rule 1 permit source 192.168.0.0 0.0.255.255
#
vlan 1
#
vlan 130
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
# PKI domain used by the SSL server policy. No CA or certificate settings are shown
# and CRL checking is disabled.
# NOTE(review): an empty PKI domain behind the HTTPS policy is the likely reason the
# HTTPS page does not open. Import a certificate offline, or unbind the policy so the
# device can use a self-signed certificate if this release allows it.
pki domain default
crl check disable
#
user-group system
#
# "admin": ACL 2000, SSH and console. No level or password line is shown.
# NOTE(review): neither user has "service-type web". Confirm whether web login needs it.
local-user admin
authorization-attribute acl 2000
service-type ssh terminal
# "audit": privilege level 3, ACL 2000, SSH, console and portal.
# NOTE(review): level 3 on an account named "audit" looks broader than the name implies.
local-user audit
authorization-attribute level 3
authorization-attribute acl 2000
service-type ssh terminal
service-type portal
#
# SSL server policy for HTTPS, backed by PKI domain "default".
ssl server-policy default
pki-domain default
#
interface NULL0
#
# VLAN 130 Layer 3 interface.
interface Vlan-interface130
ip address 192.168.130.252 255.255.255.0
#
# Routed port, 192.168.0.1/24.
interface GigabitEthernet0/0
port link-mode route
ip address 192.168.0.1 255.255.255.0
#
# Routed ports with no address configured.
interface GigabitEthernet0/3
port link-mode route
#
interface GigabitEthernet0/4
port link-mode route
#
interface GigabitEthernet0/5
port link-mode route
#
# Bridged access ports in VLAN 130.
interface GigabitEthernet0/1
port link-mode bridge
port access vlan 130
#
interface GigabitEthernet0/2
port link-mode bridge
port access vlan 130
#
# Default route via 192.168.130.254.
ip route-static 0.0.0.0 0.0.0.0 192.168.130.254
#
# Local buffers only. No remote log host is shown in this listing.
info-center logbuffer size 1024
info-center trapbuffer size 1024
#
# Authenticated NTP (MD5, key 99) against 192.168.130.253.
# NOTE(review): the key value is exposed here, so rotate it.
ntp-service authentication enable
ntp-service authentication-keyid 99 authentication-mode md5 +L%+/Q"U&'QF5"6K6S_ZPQ!!
ntp-service reliable authentication-keyid 99
ntp-service unicast-server 192.168.130.253 authentication-keyid 99
#
# SSH enabled. Both users authenticate by password only.
# NOTE(review): consider publickey or password-publickey authentication.
ssh server enable
ssh user admin service-type stelnet authentication-type password
ssh user audit service-type stelnet authentication-type password
#
# HTTPS: ACL 2000, SSL server policy "default", service enabled.
ip https acl 2000
ip https ssl-server-policy default
ip https enable
#
load xml-configuration
#
# Console: AAA authentication, idle timeout 5 minutes 0 seconds.
# NOTE(review): the line password is presumably unused under scheme mode. Remove it.
user-interface con 0
authentication-mode scheme
set authentication password cipher OX2X55^%:H*^US3K"<C2<1!!
idle-timeout 5 0
# VTY 0-4: ACL 2000 inbound, AAA authentication, SSH only.
user-interface vty 0 4
acl 2000 inbound
authentication-mode scheme
set authentication password cipher OX2X55^%:H*^US3K"<C2<1!!
idle-timeout 5 0
protocol inbound ssh
#
return
HTTPS服务已经开启,但无法使用···用浏览器无法打开HTTPS管理页面···
没有CA服务端该如何操作???请问能给个配置本地实例吗?