Destroying the RSA key pair
From the navigation tree, select Authentication > Certificate Management.
1.
Click the Certificate tab.
2.
Click Destroy Key.
3.
Click Apply to destroy the existing RSA key pair and the corresponding local certificate.
4.
Figure 357 Key pair destruction page
Retrieving and displaying a certificate
You can retrieve an existing CA certificate or local certificate from the CA server and save it locally. To
do so, you can use offline mode or online. In offline mode, you must retrieve a certificate by an
out-of-band means like FTP, disk, email and then import it into the local PKI system. By default, the
retrieved certificate is saved in a file under the root directory of the device, and the filename is
domain-name_ca.cer for the CA certificate, or domain-name_local.cer for the local certificate.
To retrieve a certificate:
From the navigation tree, select Authentication > Certificate Management.
1.
Click the Certificate tab.
2.
Click Retrieve Cert.
3.
Figure 358 PKI certificate retrieval page
Configure the parameters, as described in
4.
Click Apply.
5.
Table 118 Configuration items
Item
Domain Name
Certificate Type
Enable Offline
Description
Select the PKI domain for the certificate.
Select the type of the certificate to be retrieved, which can be CA or local.
Click this box to retrieve a certificate in offline mode (that is, by an out-of-band means
Table
118.
334