Table of Contents
Advertisement
Virtual Private Networks (VPN)
(config network scep_client scep_client_name)> distinguished_name l
value
(config network scep_client scep_client_name)>
e. Set the Organization:
(config network scep_client scep_client_name)> distinguished_name o
value
(config network scep_client scep_client_name)>
f. Set the Organizational Unit:
(config network scep_client scep_client_name)> distinguished_name ou
value
(config network scep_client scep_client_name)>
g. Set the Common Name:
(config network scep_client scep_client_name)> distinguished_name cn
value
(config network scep_client scep_client_name)>
10. Set the number of days that the certificate enrollment can be renewed, prior to the request
expiring. This value is configured on the SCEP server, and is used by the Connect EZ device to
determine when to start attempting to auto-renew an existing certificate. The default is 7.
(config network scep_client scep_client_name)> renewable_time integer
(config network scep_client scep_client_name)>
11. (Optional) Set the filename of the Certificate Revocation List (CRL) from the CA.
The CRL is stored on the Connect EZ device in the /etc/config/scep_client/client_name
directory.
(config network scep_client scep_client_name)> crl_name name
(config network scep_client scep_client_name)>
12. Save the configuration and apply the change:
(config network scep_client scep_client_name)> save
Configuration saved.
>
13. Type exit to exit the Admin CLI.
Depending on your device configuration, you may be presented with an Access selection
menu. Type quit to disconnect from the device.
Example: SCEP client configuration with Fortinet SCEP server
In this example configuration, we will configure the Connect EZ device as a SCEP client that will
connect to a Fortinet SCEP server.
Fortinet configuration
On the Fortinet server:
Digi Connect EZ Mini User Guide
IPsec
166
Advertisement
Table of Contents
