Digi TransPort WR11 User Manual page 925
Hide thumbs
Also See for TransPort WR11:
- Manual (20 pages) ,
- Installation manual (17 pages) ,
- Quick start quide (2 pages)
Table of Contents
Advertisement
Performing device administration tasks
CA encryption certificate
Sometimes when you get a CA certificate, a CA encryption certificate is installed on the router at the
same time. You can identify a CA encryption certificate by looking at the X.509 Key Usage section in
the certificate. It should display something like the following:
X509v3 Key Usage: cr i t i cal
Key Enci pher m ent , Dat a Enci pher m ent
If a CA encryption certificate has been installed by the CA you wish to use for the certificate request,
enter the CA encryption certificate. If no CA encryption certificate has been installed for the CA, leave
this file blank.
CA signature certificate
Sometimes when you get a CA certificate, a CA signature certificate is installed on the router at the
same time. You can identify a CA signature certificate by looking at the X.509 Key Usage section in
the certificate. It should say something like the following
X509v3 Key Usage: cr i t i cal
Di gi t al Si gnat ur e, Non Repudi at i on
If a CA signature certificate has been installed by the CA you wish to use for the certificate request,
enter the CA signature certificate. If no CA signature certificate has been installed for the CA, leave
this file blank.
RSA Private key
Selects either using an existing private key or generating a private key for each certificate request.
Private key filename
The filename of the private key file to use.
Enrollment Password
Before you can create a certificate request you must first obtain a challenge password from the
Certificate Authority Server. This password is generally obtained from the SCEP CA server by way of a
WEB server or a phone call to the CA Server Administrator. For the Microsoft
to a web interface. If the server requires a challenge password, it will be displayed on the page along
with the CA certificate fingerprint. This challenge password is usually only valid once and for a short
period of time, in this case 60 minutes, meaning a certificate request must be created after retrieving
the challenge password.
Common Name (CN)
A name for the router. This parameter is important, as the router will use the common name as the
router's ID for IKE negotiations.
Country Code (C)
The two-character county code of where the router is located. A list of valid country codes can be
found at http://www.iso.org/iso/english_country_names_and_code_elements.
State or Province (ST)
The state, county, or province of where the router is located.
Digi TransPort® Routers User Guide
Manage X.509 certificates and host key pairs
®
SCEP server, you browse
925
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
