I have no longer HTTPs access to the 3560 switch, after an upgrade to 12.2(52)SE.
The problem is obviously related to the fact that I am trying to connect to a switch IP address
that belongs to a dedicated "management" VRF management. Debugging tcp on the switch
shows that it immediately sends TCP resets.
If I target the web browser to another switch IP address, which is in the global routing table, then the
router accepts the connection!
I had similar problems when accessing the switch via SSH. This could be cured however,
by putting an access-class command under the VTY lines with the "vrf-also" command.
For the HTTPs access (needed for managing the switch with CNA) I have not found a solution
yet. Any ideas?
NOTE: in the previous IOS version (12.2(37)SE1), there was no problem for HTTPS access
within a VRF...