Manualshelf

R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
141142143144145146147148149150
140
Figure 84 CRL details
Return to Configuration task list for requesting a certificate manually.
Return to Configuration task list for requesting a certificate automatically.
PKI configuration examples
Configuring a PKI entity to request a certificate from a CA
1. Network requirements
As shown in Figure 85, conf
igure the device working as the PKI entity, so that:
The device submits a local certificate request to the CA server, which runs the RSA Keon software.
The device acquires CRLs for certificate verification.
Figure 85 Network diagram for configuring a PKI entity to request a certificate from a CA
2. Configuration procedure
a. Configure the CA server
# Create a CA server named myca.
In this example, configure the basic attributes of Nickname and Subject DN on the CA server at first:
Nickname: Name of the trusted CA.