Access to Cisco 860 using telnet/ssh/scp/http/https

Hello

I have a Cisco 860 router. I configured DHCP on a VLAN located on the LAN network, and also configured an IP address on the WAN interface (Gi0).

For example, I have a LAN IP of 10.10.x.x and 132.50.x.x on Gi0. When I try to reach the router from my PC on the LAN network (my PC got IP 10.10.x.x) using telnet or HTTP, it works. But when I try to reach the router using telnet, SSH or HTTP from a PC located on the WAN (132.50.x.x) network, it does not work (except the ping). What should I do to make it work?

Sincerely yours.


24 Replies

Mark Malone (VIP Alumni)

Hi, have you enabled SSH on the router? Telnet will work by default, but SSH needs to be configured.

You also need to make sure that the ACL on the VTY lines, which serve remote access connections, is allowing connections from your WAN router.

I would disable telnet, it's not secure, and only use SSH once you get it working.

Generate your keys for the crypto:

! hostname and ip domain-name must already be set; the RSA key has to exist
! before "ip ssh version 2" is accepted
crypto key generate rsa ... then hit return and type 1024 so you generate v2 keys; anything lower will be insecure.

ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 3

line vty 0 4
 exec-timeout 30 0
 transport input ssh
 ! access-list 187 must already exist and permit your management sources
 access-class 187 in
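As an added example (not part of Mark's post or the original thread), here is the complete management-plane configuration the fragment above describes, with the pieces it leaves implicit: the hostname and domain name that key generation needs, a local user for `login local`, and the ACL 187 that the `access-class` line references. The hostname, domain, key label and addresses (LAN 10.10.10.0/24, one WAN-side admin host 132.50.1.10) are assumptions standing in for the x.x values in the question, and a 2048-bit modulus is used instead of 1024.

```ios
! Added example, not the thread's own configuration.
! Assumed values: hostname R860, domain example.net, LAN 10.10.10.0/24,
! WAN-side admin host 132.50.1.10, key label SSH-KEY.
hostname R860
ip domain-name example.net
!
! Local admin account; "secret" stores a hash, "password" would store it reversibly
username admin privilege 15 secret StrongPassphraseHere
!
! Host key: hostname and ip domain-name must exist before this line runs
crypto key generate rsa general-keys label SSH-KEY modulus 2048
!
ip ssh version 2
ip ssh rsa keypair-name SSH-KEY
ip ssh time-out 60
ip ssh authentication-retries 3
ip ssh logging events
!
! Who may open a management session. access-class only evaluates the
! source address; the protocol is already restricted by "transport input ssh".
access-list 187 remark management plane: LAN subnet plus one WAN admin host
access-list 187 permit tcp 10.10.10.0 0.0.0.255 any
access-list 187 permit tcp host 132.50.1.10 any
access-list 187 deny ip any any log
!
line vty 0 4
 access-class 187 in
 exec-timeout 30 0
 login local
 transport input ssh
!
! Verification, from privileged EXEC:
!   show ip ssh                                 -> "SSH Enabled - version 2.0"
!   show running-config | section line vty      -> access-class and transport lines present
!   show access-lists 187                       -> hit counters increase as you connect
```

If ACL 187 permits the source but the TCP connection from the WAN still fails while ping succeeds, check what is evaluated before the VTY access-class: an inbound ACL on the WAN interface (`show ip interface gigabitethernet 0` lists any applied access-group) or a zone-based firewall policy (`show zone-pair security`), either of which can pass ICMP and drop TCP/22.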

It works. What about SCP and HTTPS? Which commands do I need to type?

SCP runs over SSH, so you just need to enable it: ip scp server enable

Then use an SCP client on your PC (Windows or whatever you use).

Example using SCP (the router pulling an image from an SCP server):


RA#copy scp://172.21.7.135/isr4300-universalk9.03.16.03.S.155-3.S3-ext.SPA.bin bootflash:
Address or name of remote host [172.21.7.135]?
Source username [mmalone]?
Source filename [isr4300-universalk9.03.16.03.S.155-3.S3-ext.SPA.bin]?
Destination filename [isr4300-universalk9.03.16.03.S.155-3.S3-ext.SPA.bin]?
Password:
 Sending file modes: C0664 476783328 isr4300-universalk9.03.16.03.S.155-3.S3-ext.SPA.bin
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

HTTP

ip http secure-server

show ip http server status

Did it, it's not working, neither HTTPS nor SCP.

Here's an official doc with an example you can try; it's the same for switches and routers.

You'll need to explain what you're doing with SCP, as once it's enabled it's about how you set the path.

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/security/configuration_guide/b_sec_152ex_2960-x_cg/b_sec_152ex_2960-x_cg_chapter_01010.html#task_1226710

Configuring the Secure HTTP Server

Beginning in privileged EXEC mode, follow these steps to configure a secure HTTP server:

Before You Begin

If you are using a certificate authority for certification, you should use the previous procedure to configure the CA trustpoint on the switch before enabling the HTTP server. If you have not configured a CA trustpoint, a self-signed certificate is generated the first time that you enable the secure HTTP server. After you have configured the server, you can configure options (path, access list to apply, maximum number of connections, or timeout policy) that apply to both standard and secure HTTP servers.

To verify the secure HTTP connection by using a Web browser, enter https://URL, where the URL is the IP address or hostname of the server switch. If you configure a port other than the default port, you must also specify the port number after the URL. For example:

https://209.165.129:1026

or

https://host.domain.com:1026

Note: AES256_SHA2 is not supported.

SUMMARY STEPS

1. show ip http server status
2. configure terminal
3. ip http secure-server
4. ip http secure-port port-number
5. ip http secure-ciphersuite {[3des-ede-cbc-sha] [rc4-128-md5] [rc4-128-sha] [des-cbc-sha]}
6. ip http secure-client-auth
7. ip http secure-trustpoint name
8. ip http path path-name
9. ip http access-class access-list-number
10. ip http max-connections value
11. ip http timeout-policy idle seconds life seconds requests value
12. end

DETAILED STEPS

Step 1: show ip http server status
  Example: Switch# show ip http server status
  (Optional) Displays the status of the HTTP server to determine if the secure HTTP server feature is supported in the software. You should see one of these lines in the output:
    HTTP secure server capability: Present
  or
    HTTP secure server capability: Not present

Step 2: configure terminal
  Example: Switch# configure terminal
  Enters global configuration mode.

Step 3: ip http secure-server
  Example: Switch(config)# ip http secure-server
  Enables the HTTPS server if it has been disabled. The HTTPS server is enabled by default.

Step 4: ip http secure-port port-number
  Example: Switch(config)# ip http secure-port 443
  (Optional) Specifies the port number to be used for the HTTPS server. The default port number is 443. Valid options are 443 or any number in the range 1025 to 65535.

Step 5: ip http secure-ciphersuite {[3des-ede-cbc-sha] [rc4-128-md5] [rc4-128-sha] [des-cbc-sha]}
  Example: Switch(config)# ip http secure-ciphersuite rc4-128-md5
  (Optional) Specifies the CipherSuites (encryption algorithms) to be used for encryption over the HTTPS connection. If you do not have a reason to specify a particular CipherSuite, you should allow the server and client to negotiate a CipherSuite that they both support. This is the default.

Step 6: ip http secure-client-auth
  Example: Switch(config)# ip http secure-client-auth
  (Optional) Configures the HTTP server to request an X.509v3 certificate from the client for authentication during the connection process. The default is for the client to request a certificate from the server, but the server does not attempt to authenticate the client.

Step 7: ip http secure-trustpoint name
  Example: Switch(config)# ip http secure-trustpoint your_trustpoint
  Specifies the CA trustpoint to use to get an X.509v3 security certificate and to authenticate the client certificate connection.
  Note: Use of this command assumes you have already configured a CA trustpoint according to the previous procedure.

Step 8: ip http path path-name
  Example: Switch(config)# ip http path /your_server:80
  (Optional) Sets a base HTTP path for HTML files. The path specifies the location of the HTTP server files on the local system (usually located in system flash memory).

Step 9: ip http access-class access-list-number
  Example: Switch(config)# ip http access-class 2
  (Optional) Specifies an access list to use to allow access to the HTTP server.

Step 10: ip http max-connections value
  Example: Switch(config)# ip http max-connections 4
  (Optional) Sets the maximum number of concurrent connections that are allowed to the HTTP server. We recommend that the value be at least 10 and not less. This is required for the UI to function as expected.

Step 11: ip http timeout-policy idle seconds life seconds requests value
  Example: Switch(config)# ip http timeout-policy idle 120 life 240 requests 1
  (Optional) Specifies how long a connection to the HTTP server can remain open under the defined circumstances:
  - idle: the maximum time period when no data is received or response data cannot be sent. The range is 1 to 600 seconds. The default is 180 seconds (3 minutes).
  - life: the maximum time period from the time that the connection is established. The range is 1 to 86400 seconds (24 hours). The default is 180 seconds.
  - requests: the maximum number of requests processed on a persistent connection. The maximum value is 86400. The default is 1.

Step 12: end
  Example: Switch(config)# end
  Returns to privileged EXEC mode.
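The SCP and HTTPS pieces of the thread, pulled together as one added example; this is neither the original post's configuration nor Cisco's own, and it is separate from the Catalyst procedure quoted above. Two prerequisites the thread does not spell out: the IOS SCP server authenticates and authorizes through AAA, so `ip scp server enable` on its own is not enough, and the classic IOS on an 860 serves only the scp protocol, not SFTP, so the client must be told to use SCP (in WinSCP, select "SCP" as the file protocol; OpenSSH 9.0 and later need `scp -O`). The user name, the router WAN address 132.50.1.1, the management hosts (10.10.10.0/24 and 132.50.1.10), ACL number 87 and the image file name are assumptions.

```ios
! Added example, not the thread's or Cisco's own configuration.
! Assumed: SSHv2 already works, a privilege-15 local user "admin" exists,
! router WAN address 132.50.1.1, LAN 10.10.10.0/24, WAN admin host 132.50.1.10.
!
! --- AAA: the SCP server relies on AAA login authentication and exec
!     authorization. Define the local user BEFORE "aaa new-model", or the
!     console and VTY logins will fail once AAA is switched on.
aaa new-model
aaa authentication login default local
aaa authorization exec default local
!
! --- SCP server, served by the existing SSHv2 listener on tcp/22
ip scp server enable
!
! --- HTTPS: TLS only, local authentication, sources restricted by a
!     standard ACL ("ip http access-class" takes 1-99), applied to both
!     the plain and the secure server.
access-list 87 remark management plane: who may reach the web UI
access-list 87 permit 10.10.10.0 0.0.0.255
access-list 87 permit host 132.50.1.10
access-list 87 deny any log
!
no ip http server
ip http secure-server
ip http authentication local
ip http access-class 87
ip http max-connections 10
ip http timeout-policy idle 120 life 240 requests 10
! Leave "ip http secure-ciphersuite" at its default so the TLS stack
! negotiates AES; the rc4-128-md5 and des-cbc-sha values in the quoted
! procedure's example are weak.
!
! --- Client side, typed on the admin host with OpenSSH (9.0+ needs -O
!     because the router speaks the scp protocol, not SFTP):
!   scp -O admin@132.50.1.1:system:running-config ./r860-running.cfg
!   scp -O ./c860-image.bin admin@132.50.1.1:flash:
!   (c860-image.bin is a placeholder file name)
!
! --- Verification:
!   show ip http server status   -> "HTTP server status: Disabled"
!                                   "HTTP secure server status: Enabled"
!   show users                   -> an SCP transfer appears as a vty session
```

Browsers will warn about the self-signed certificate the router generates on first enable; that is the expected behaviour without a trustpoint, and it should be accepted only after the fingerprint shown in `show crypto pki certificates` has been compared by hand.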

     

I am using WinSCP:

I have never done a direct SCP like that from the terminal side. You would SCP all right from the router, like I posted earlier, and pull from the PC or send to the PC using SCP, but it's all done from the router side, not the terminal. When you're using SCP/SFTP it uses the SSH daemon to connect.

Have a look at these docs, they explain it better:

    https://supportforums.cisco.com/discussion/12537266/scp-copy

    https://winscp.net/eng/docs/troubleshooting

Neither Mozilla Firefox, nor Chrome, nor IE is working fully on HTTPS.

    SSH works.

SCP will maybe only work the way you told me to do it, but not with WinSCP.

    not working!!!

Now HTTPS is working, but again it only works in the beginning: it even accepts the right username and password, but after that, when I press one of the dashboard icons, it gets stuck on a blank screen. See the attachments please.

Anyway, it lets me through the HTTPS authentication with the username and password that I created using the command:

    username "my username" privilege 15 secret 0 "my password"

But neither WinSCP nor SSH is working, see my next post here:

    https://supportforums.cisco.com/discussion/13195486/winscp-and-putty-ssh

That's a software issue, not a configuration issue. These GUIs they provide on routers and switches are buggy; if you HTTPS and it reaches the router, then the protocol itself has worked.

When you're using PuTTY, can you SSH to the public IP address 132.66.210.72?

Never mind SCP for the minute; check if SSH is working first, as SCP will only work if SSH is working.

Check on the router as well: show ip ssh

It will return something like this, but it should show it enabled:

    xxxxxx#sh ip ssh
    SSH Enabled - version 2.0
    Authentication methods:publickey,keyboard-interactive,password
    Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa
    Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa
    Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
    MAC Algorithms:hmac-sha1,hmac-sha1-96
    Authentication timeout: 60 secs; Authentication retries: 3
    Minimum expected Diffie Hellman key size : 1024 bits
    IOS Keys in SECSH format(ssh-rsa, base64 encoded): xfr-b100vpn01.xilinx.com
    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDlJcelsWpYmkzFYWnzNkbf09fDJE3BU9U1SfAp7OPR
    ZvEQlTRj3yxivrC7+L12QzM0B1Y00T0QYJf+Qa+N2EIj8cCrk000tTEmONkf1KvlH9gzQrm7XlcbRc0W
    ZhBWwNqVCG57QYLJjbmlmEb66PtxTwQxDvDDAASFaGd7OvBwyw==

As you can see, "scp" does not work. "ssh" is working now. "ssl" works as before, except that the "white page" appears after clicking on one of the dashboards (DNS, INTERFACES, DHCP, etc.).

It could not start a session with the SCP attempt; as you can see, it has been authenticated but no session has been established.

You could try a different version of CCP if it's not working right. It should be stored in flash; you can see it if you type dir on the router or show flash.

You can download the version here in case you have an old one installed:

    https://software.cisco.com/download/release.html?mdfid=281795035&softwareid=282159854&release=2.7

    https://supportforums.cisco.com/document/62311/how-access-cisco-router-cisco-configuration-professional