Chapter 1 Pki Configuration; Introduction To Pki; Pki Overview; Pki Terms - H3C S5500-EI series Operation Manual

Operation Manual – PKI
H3C S5500-EI Series Ethernet Switches
When configuring PKI, go to these sections for information you are interested in:

Introduction to PKI

PKI Configuration Task List
Displaying and Maintaining PKI
PKI Configuration Examples
Troubleshooting PKI
1.1 Introduction to PKI
This section covers these topics:

PKI Overview

PKI Terms

Architecture of PKI
Applications of PKI
Operation of PKI
1.1.1 PKI Overview
Public Key Infrastructure (PKI) is a system designed for providing information security
through public key technologies and digital certificates and verifying the identities of the
digital certificate owners.
PKI employs digital certificates, which are bindings of certificate owner identity
information and public keys. PKI allows users to request certificates, use certificates,
and revoke certificates. By leveraging digital certificates and relevant services like
certificate distribution and blacklist publication, PKI supports authentication the entities
involved in communication, and thus guaranteeing the confidentiality, integrity and
non-repudiation of data.
1.1.2 PKI Terms
I. Digital certificate
A digital certificate is a file signed by a certificate authority (CA) that contains a public
key and the related user identity information. A simplest digital certificate contains a
public key, an entity name, and a digital signature from the CA. Generally, a digital
certificate also includes the validity period of the key, the name of the CA and the
sequence number of the certificate. A digital certificate must comply with the
international standard of ITUTX.5.9. This manual involves two types of certificates:
local certificate and CA certificate. A local certificate is a digital certificate signed by a

Chapter 1 PKI Configuration

1-1
Chapter 1 PKI Configuration