R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101

• After retrieving a local certificate, select Security > PKI > CRL from the navigation tree.

Figure 97 Retrieve CRL

• Click Retrieve CRL of the PKI domain of torsa.

4. Verify the configuration

After the above configuration, select Security > PKI > Certificate from the navigation tree to view detailed

information about the retrieved CA certificate and local certificate, or select Security > PKI > CRL from the

navigation tree to view detailed information about the retrieved CRL.

Configuring PKI in the CLI

PKI configuration task list

Complete the following tasks to configure PKI:

Task Remarks

Configuring an entity DN Required

Configuring a PKI domain Required

Submitting a PKI certificate request

Submitting a Certificate Request in

Auto Mode

Required

Use either approach

Submitting a certificate request in

manual mode

Retrieving a certificate manually Optional

Configuring PKI certificate verification Optional

Destroying a local RSA key pair Optional

Deleting a certificate Optional

Configuring an access control policy Optional

Configuring an entity DN

A certificate is the binding of a public key and the identity information of an entity, where the identity

information is identified by an entity distinguished name (DN). A CA identifies a certificate applicant

uniquely by entity DN.

An entity DN is defined by these parameters:

• Common name of the entity.

• Country code of the entity, a standard 2-character code. For example, CN represents China and US

represents the United States of America.

• Fully qualified domain name (FQDN) of the entity, a unique identifier of an entity on the network.

It consists of a host name and a domain name and can be resolved to an IP address. For example,

www.whatever.com is an FQDN, where www is a host name and whatever.com a domain name.