Table of Contents
Advertisement
Recommended configuration procedure for automatic
request
Task
Creating a PKI entity
1.
Creating a PKI domain
2.
Destroying the RSA key
3.
pair
Retrieving and displaying
4.
a certificate
Retrieving and displaying
5.
a CRL
Creating a PKI entity
From the navigation tree, select Authentication > Certificate Management.
1.
The PKI entity list page is displayed by default.
Figure 351 PKI entity list
Click Add on the page.
2.
Remarks
Required.
Create a PKI entity and configure the identity information.
A certificate is the binding of a public key and the identity information of an
entity, where the DN shows the identity information of the entity. A CA
identifies a certificate applicant uniquely by an entity DN.
The DN settings of an entity must be compliant to the CA certificate issue
policy. Otherwise, the certificate request might be rejected. You must
know the policy to determine which entity parameters are mandatory or
optional.
Required.
Create a PKI domain, setting the certificate request mode to Auto.
Before requesting a PKI certificate, an entity needs to be configured with
some enrollment information, which is called a PKI domain.
A PKI domain is intended only for convenience of reference by other
applications like IKE and SSL, and has only local significance.
Optional.
Destroy the existing RSA key pair and the corresponding local certificate.
If the certificate to be retrieved contains an RSA key pair, you must
destroy the existing key pair. Otherwise, the retrieving operation will fail.
Optional.
Retrieve an existing certificate.
Optional.
Retrieve a CRL and display its contents.
329
Hide quick links:
Advertisement
Table of Contents
