Figure 41 PKI across VPNs
FIPS compliance
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features,
commands, and parameters might differ in FIPS mode (see
PKI configuration task list
Tasks at a glance
(Required.)
(Required.)
(Required.)
•
Configuring automatic certificate request
•
Manually requesting a certificate
(Optional.)
(Optional.)
(Optional.)
(Optional.)
(Optional.)
(Optional.)
(Optional.)
Configuring a PKI entity
A CA identifies a certificate applicant by the identity information. A valid PKI entity must include at least
one of following identity categories:
Configuring a PKI entity
Configuring a PKI domain
Requesting a certificate
Aborting a certificate request
Obtaining certificates
Verifying PKI certificates
Specifying the storage path for the certificates and CRLs
Exporting certificates
Removing a certificate
Configuring a certificate access control policy
"Configuring
128
FIPS") and non-FIPS mode.