Manualshelf

R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
291292293294295296297298299300
290
Figure 193 Add a PKI domain
Enter torsa as the PKI domain name.
Enter myca as the CA identifier.
Select aaa as the local entity.
Select CA as the authority for certificate request.
Enter http://4.4.4.133:446/c95e970f632d27be5e8cbf80e971d9c4a9a93337 as the URL for
certificate request. The URL must be in the format of http://host:port/Issuing Jurisdiction ID, where
Issuing Jurisdiction ID is a hexadecimal string generated on the CA.
Select Manual as the certificate request mode.
Click Advanced Configuration to display the advanced configuration items.
Select the Enable CRL Checking box.
Enter http://4.4.4.133:447/myca.crl as the CRL URL.
Click Apply. When the system displays "Fingerprint of the root certificate not specified. No root
certificate validation will occur. Continue?", click OK to confirm.
# Generate an RSA key pair.
Select VPN > Certificate Management > Certificate from the navigation tree and then click Create
Key to perform the configurations shown in Figure 194.