(Omitted)
You can also use some other display commands—such as, display pki certificate ca domain
command—to view more information about the CA certificate. For more information about the
command, see the Security Command Reference.
Configuring a certificate attribute-based access control policy
Network requirements
The client accesses the remote HTTP Security (HTTPS) server through the HTTPS protocol.
•
Configure SSL to ensure that only legal clients log in to the HTTPS server.
•
Create a certificate attribute-based access control policy to control access to the HTTPS server.
•
Figure 79 Configure a certificate attribute-based access control policy
Configuration procedure
NOTE:
•
For more information about SSL configuration, see the chapter "SSL configuration."
For more information about HTTPS configuration, see the
•
•
The PKI domain to be referenced by the SSL policy must be created in advance. For how to configure a
PKI domain, see
1.
Configure the HTTPS server
# Configure the SSL policy for the HTTPS server to use.
keyid:9D823258 EADFEFA2 4A663E75 F416B6F6 D41EE4FE
X509v3 CRL Distribution Points:
URI:http://l00192b/CertEnroll/CA%20server.crl
URI:file://\\l00192b\CertEnroll\CA server.crl
Authority Information Access:
CA Issuers - URI:http://l00192b/CertEnroll/l00192b_CA%20server.crt
CA Issuers - URI:file://\\l00192b\CertEnroll\l00192b_CA server.crt
1.3.6.1.4.1.311.20.2:
.0.I.P.S.E.C.I.n.t.e.r.m.e.d.i.a.t.e.O.f.f.l.i.n.e
Signature Algorithm: sha1WithRSAEncryption
81029589 7BFA1CBD 20023136 B068840B
"Configure the PKI
Fundamentals Configuration Guide
domain."
238
.