Manualshelf

R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
281282283284285286287288289290
280
Table 29 Configuration items
Item Descri
p
tion
Key Length
Enter the length of the RSA keys.
Destroying the RSA key pair
Select VPN > Certificate Management > Certificate from the navigation tree to display existing PKI
certificates, as shown in Figure 175. C
lick Destroy Key to enter the RSA key pair destruction page, as
shown in Figure 177. T
hen, click Apply to destroy the existing RSA key pair and the corresponding local
certificate.
Figure 177 RSA key pair destruction page
Retrieving and displaying a certificate
You can download an existing CA certificate or local certificate from the CA server and save it locally.
To do so, you can use offline mode or online mode. In offline mode, you need to retrieve a certificate by
an out-of-band means like FTP, disk, email and then import it into the local PKI system.
Select VPN > Certificate Management > Certificate from the navigation tree to display existing PKI
certificates, as shown in Figure 175. C
lick Retrieve Cert to enter the PKI certificate retrieval page, as
shown in Figure 178.
Figure 178 PKI certificate
retrieval page
Table 30 Configuration items
Item Descri
tion
Domain Name
Select the PKI domain for the certificate.
Certificate Type
Select the type of the certificate to be retrieved, which can be CA or local.
Enable Offline
Mode
Select this box to retrieve a certificate in offline mode (that is, by an out-of-band means
like FTP, disk, or email) and then import the certificate into the local PKI system.