Pki Applications; Recommended Configuration Procedures; Recommended Configuration Procedure For Manual Request - HP 1920 Series User Manual
Hide thumbs
Also See for 1920 Series:
- User manual (547 pages) ,
- Getting started manual (33 pages) ,
- Supplementary manual (63 pages)
Table of Contents
Advertisement
4.
5.
6.
PKI applications
The PKI technology can satisfy the security requirements of online transactions. As an infrastructure, PKI
has a wide range of applications. Here are some application examples.
•
•
•
Recommended configuration procedures
The device supports the following PKI certificate request modes:
•
•
You can specify the PKI certificate request mode for a PKI domain. Different PKI certificate request modes
require different configurations.
Recommended configuration procedure for manual request
Downloaded from
www.Manualslib.com
The RA receives the certificate from the CA, sends it to the LDAP server to provide directory
navigation service, and notifies the entity that the certificate is successfully issued.
The entity retrieves the certificate. With the certificate, the entity can communicate with other
entities safely through encryption and digital signature.
The entity makes a request to the CA when it needs to revoke its certificate. The CA approves the
request, updates the CRLs and publishes the CRLs on the LDAP server.
VPN—A VPN is a private data communication network built on the public communication
infrastructure. A VPN can leverage network layer security protocols (for example, IPSec) in
conjunction with PKI-based encryption and digital signature technologies to achieve confidentiality.
Secure email—Emails require confidentiality, integrity, authentication, and non-repudiation. PKI
can address these needs. The secure email protocol that is developing rapidly is S/MIME, which is
based on PKI and allows for transfer of encrypted mails with signature.
Web security—For Web security, two peers can establish an SSL connection first for transparent
and secure communications at the application layer. With PKI, SSL enables encrypted
communications between a browser and a server. Both the communication parties can verify the
identity of each other through digital certificates.
Manual—In manual mode, you need to manually retrieve a CA certificate, generate a local RSA
key pair, and submit a local certificate request for an entity.
Auto—In auto mode, an entity automatically requests a certificate through the SCEP when it has no
local certificate or the present certificate is about to expire.
Step
1.
Creating a PKI entity
manuals search engine
Remarks
Required.
Create a PKI entity and configure the identity information.
A certificate is the binding of a public key and the identity information of an
entity, where the distinguished name (DN) shows the identity information of
the entity. A CA identifies a certificate applicant uniquely by an entity DN.
The DN settings of an entity must be compliant to the CA certificate issue
policy. Otherwise, the certificate request might be rejected. You must know the
policy to determine which entity parameters are mandatory or optional.
386
Hide quick links:
Advertisement
Table of Contents
