HP MSR Series Configuration Manual page 7
Hpe flexnetwork msr router series
Hide thumbs
Also See for MSR Series:
- Configuration manual (889 pages) ,
- Command reference manual (684 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
FIPS compliance···················································································································· 228
Password control configuration task list ······················································································ 228
Enabling password control ······································································································· 228
Setting global password control parameters ················································································· 229
Setting user group password control parameters ·········································································· 230
Setting local user password control parameters ············································································ 231
Setting super password control parameters ················································································· 231
Displaying and maintaining password control ··············································································· 232
Password control configuration example ····················································································· 232
Network requirements ······································································································ 232
Configuration procedure ··································································································· 233
Verifying the configuration ································································································· 234
Managing public keys ···································································· 236
Overview ······························································································································ 236
FIPS compliance···················································································································· 236
Creating a local key pair ·········································································································· 236
Distributing a local host public key ····························································································· 237
Exporting a host public key ································································································ 238
Displaying a host public key ······························································································· 238
Destroying a local key pair ······································································································· 238
Configuring a peer host public key ····························································································· 239
Importing a peer host public key from a public key file ····························································· 239
Entering a peer host public key ·························································································· 239
Displaying and maintaining public keys ······················································································· 240
Examples of public key management ························································································· 240
Example for entering a peer host public key ·········································································· 240
Example for importing a public key from a public key file ·························································· 242
Configuring PKI ··········································································· 245
Overview ······························································································································ 245
PKI terminology ·············································································································· 245
PKI architecture ·············································································································· 246
PKI operation ················································································································· 246
PKI applications ·············································································································· 247
Support for MPLS L3VPN ································································································· 247
FIPS compliance···················································································································· 248
PKI configuration task list ········································································································· 248
Configuring a PKI entity ··········································································································· 248
Configuring a PKI domain ········································································································ 249
Requesting a certificate ··········································································································· 251
Configuration guidelines ··································································································· 251
Configuring automatic certificate request ·············································································· 252
Manually requesting a certificate ························································································· 252
Aborting a certificate request ···································································································· 253
Obtaining certificates ·············································································································· 253
Configuration prerequisites ································································································ 253
Configuration guidelines ··································································································· 254
Configuration procedure ··································································································· 254
Verifying PKI certificates ·········································································································· 254
Verifying certificates with CRL checking ··············································································· 254
Verifying certificates without CRL checking ··········································································· 255
Specifying the storage path for the certificates and CRLs ······························································· 256
Exporting certificates ·············································································································· 256
Removing a certificate ············································································································· 257
Configuring a certificate-based access control policy ····································································· 257
Displaying and maintaining PKI ································································································· 258
PKI configuration examples ······································································································ 259
Requesting a certificate from an RSA Keon CA server ···························································· 259
Requesting a certificate from a Windows Server 2003 CA server ··············································· 261
Requesting a certificate from an OpenCA server ···································································· 265
Requesting a certificate from an RSA Keon CA server in an NAT-PT network ······························ 268
v
- Quick Links:
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
