FIPS compliance ··························································································································································· 197
Configuring password control ···································································································································· 198
Enabling password control ································································································································· 198
HABP configuration ················································································································································· 206
Introduction to HABP ···················································································································································· 206
Configuring HABP ························································································································································ 207
Configuring the HABP server ····························································································································· 207
Configuring an HABP client ······························································································································· 207
Displaying and maintaining HABP ····························································································································· 208
HABP configuration example ······································································································································ 208
Network requirements ········································································································································· 208
Configuration procedure ···································································································································· 209
Public key configuration ········································································································································· 211
Basic concepts ····················································································································································· 211
Key algorithm types ············································································································································· 211
FIPS compliance ··························································································································································· 212
PKI configuration ····················································································································································· 220
Introduction to PKI ························································································································································ 220
PKI overview ························································································································································ 220
PKI terms ······························································································································································· 220
Architecture of PKI ··············································································································································· 221
Applications of PKI ·············································································································································· 222
Operation of PKI ·················································································································································· 222
PKI configuration task list ············································································································································ 223
Configuring an entity DN ············································································································································ 223
Configuring a PKI domain ··········································································································································· 224
Retrieving a certificate manually ································································································································ 228
Destroying a local RSA key pair ································································································································ 230
Deleting a certificate ···················································································································································· 230
v