HP A5830 Series Configuration Manual page 63

Hide thumbs Also See for A5830 Series:

Configuration manual (280 pages)

Command reference manual (249 pages)

Configuration manual (246 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

page of 152

/ 152
Contents
Table of Contents
Bookmarks

Table of Contents

[Device-pki-domain-1] certificate request from ra

[Device-pki-domain-1] certificate request entity en

[Device-pki-domain-1] quit

# Create RSA local key pairs.

[Device] public-key loc

# Retrieve the CA certificate from the certificate issuing server.

[Device] pki retrieval-certificate ca domain 1

# Request a local certificate from a CA through SCEP for the device.

[Device] pki request-certificate domain 1

# Create an SSL server policy myssl, specify PKI domain 1 for the SSL server policy, and enable

certificate-based SSL client authentication.

[Device] ssl server-policy myssl

[Device-ssl-server-policy-myssl] pki-domain 1

[Device-ssl-server-policy-myssl] client-verify enable

[Device-ssl-server-policy-myssl] quit

# Create a certificate attribute group mygroup1, and configure a certificate attribute rule, specifying that

the Distinguished Name (DN) in the subject name includes the string of new-ca.

[Device] pki certificate attribute-group mygroup1

[Device-pki-cert-attribute-group-mygroup1] attribute 1 issuer-name dn ctn new-ca

[Device-pki-cert-attribute-group-mygroup1] quit

# Create a certificate attribute-based access control policy myacp. Configure a certificate attribute-based

access control rule, specifying that a certificate is considered valid when it matches an attribute rule in

certificate attribute group myacp.

[Device] pki certificate access-control-policy myacp

[Device-pki-cert-acp-myacp] rule 1 permit mygroup1

[Device-pki-cert-acp-myacp] quit

# Associate the HTTPS service with SSL server policy myssl.

[Device] ip https ssl-server-policy myssl

# Associate the HTTPS service with certificate attribute-based access control policy myacp.

[Device] ip https certificate access-control-policy myacp

# Enable the HTTPS service.

[Device] ip https enable

# Create a local user named usera, set the password to 123, specify the web service type. and specify

the user privilege level 3 for the local user. Users with privilege level 3 can perform all operations

supported by the device.

[Device] local-user usera

[Device-luser-usera] password simple 123

[Device-luser-usera] service-type web

[Device-luser-usera] authorization-attribute level 3

Configure the host that acts as the HTTPS client

On the host, run the IE browser. In the address bar, enter http://10.1.2.2/certsrv and request a certificate

for the host as prompted.

Verify the configuration

al create rsa

Table of Contents

HP A5830 Series Configuration Manual page 63

Related Manuals for HP A5830 Series

Related Products for HP A5830 Series

Table of Contents