This chapter provides detailed feature and configuration information for the Certificate Manger.
•
Overview
•
Configuring the Certificate Manager using CLI
•
Configuring Trustpoint using the Web UI
8.1 Overview
Certificates are of two types:
a. CA root certificate
b. Server Certificate signed by a CA (External Certificate Authority)
Certificate Manager manages and maintains a set of certificates used by the applications such as HTTPS,
VPN, Hotspot and Radius.
Certificates are uniquely identified by a trustpoint. Each trustpoint has the following attributes:
• Subject (Common Name, Organizational unit, Organization, Location, State, Country)
• Subject Alternate Name (email, ip-address, fqdn)
• Certificate Request
• Private key
• Server certificate
• CA certificate
For each trust point, certificate manager: provides the following functionality:
• Generate a certificate request for a configured trustpoint.
• Installs the server certificate signed by CA in either PEM or DER format.
• Installs CA's root certificate in either PEM or DER format.
• Certificate Manager maintains and manages set of keys. Keys may be used by applications such as
SSH or may be associated with trustpoints explicitly.
The Certificate manager also has the option to generate RSA keys.
Certificate Management