Creating A Trust Point Ca Association - HP Cisco MDS 9216 - Fabric Switch Configuration Manual

Configuring CAs and Digital Certificates
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Click Create to create the RSA Key-Pair.
Step 8

Creating a Trust Point CA Association

To create a trust point CA association using Fabric Manager, follow these steps:
Step 1 Expand Switches > Security then select PKI in the Physical Attributes pane.
Step 2 Click the Trust Point tab in the Information Pane.
You see the information shown in
Figure 43-3
Step 3 Click Create Row.
You see the Create Trust Point dialog box shown in
Figure 43-4
Step 4 Select the switch for which you are creating the trust point CA from the Switch drop-down menu.
Step 5 Assign a name to the trust point CA.
Step 6 Select a key-pair name to be associated with this trust point for enrollment. It was generated earlier in
the
CA.
From the RevokeCheckMethod drop-down menu, select the certificate revocation method that you would
Step 7
like to use (see
revocation. The CRL OCSP option checks for revoked certificates first in the locally stored CRL. If not
found, the switch uses OCSP to check the revoked certificates on the URL specified in Step 7.
Step 8 Enter the OCSP URL if you selected an OCSP certificate revocation method.
Cisco MDS 9000 Family CLI Configuration Guide
43-8
Trust Point Tab
Create Trust Point Dialog Box
"Generating an RSA Key-Pair" section on page
Figure 43-4). You can use CRL, OCSP, CRL OCSP, or OCSP CRL to check for certificate
Chapter 43 Configuring Certificate Authorities and Digital Certificates
Figure 43-3.
Figure
43-6. Only one RSA key-pair can be specified per
43-4.
OL-16184-01, Cisco MDS SAN-OS Release 3.x