R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101

Figure 200 Add PKI domain
Enter 1 as the PKI domain name.
Enter CA1 as the CA identifier.
Select en as the local entity.
Select RA as the authority for certificate request.
Enter http://1.1.1.100/certsrv/mscep/mscep.dll as the URL for certificate request. (The RA URL
given here is just an example. Configure the RA URL as required.)
Enter 1.1.1.102 as the IP address of the LDAP server, 389 as the port number, and select 2 as the
version number.
Select Manual as the certificate request mode.
Click Advanced Configuration to display the advanced configuration items.
Select the Enable CRL Checking box.
Enter ldap://1.1.1.102 as the URL for CRLs.
Click Apply. When the system displays "Fingerprint of the root certificate not specified. No root
certificate validation will occur. Continue?", click OK to confirm.
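Confirming this prompt means the device accepts whatever root certificate it retrieves for CA1 without checking it. The following added example (not part of the HP guide) shows the comparison a root certificate fingerprint check performs, so a retrieved root certificate can be verified against a fingerprint obtained out of band from the CA administrator. The sample certificate bytes and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import re

# Constructed sample: placeholder bytes in PEM armor, NOT a real CA certificate.
SAMPLE_DER = b"constructed placeholder for the DER bytes of the CA1 root certificate"
SAMPLE_PEM = (
    "-----BEGIN CERTIFICATE-----\n"
    + base64.encodebytes(SAMPLE_DER).decode("ascii")
    + "-----END CERTIFICATE-----\n"
)

PEM_BLOCK = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def pem_to_der(pem_text):
    """Return the DER bytes of the first certificate block in a PEM file."""
    match = PEM_BLOCK.search(pem_text)
    if match is None:
        raise ValueError("no CERTIFICATE block found")
    return base64.b64decode("".join(match.group(1).split()), validate=True)


def fingerprint(der, algorithm="sha1"):
    """Hex digest over the whole DER encoding, which is what a fingerprint is."""
    return hashlib.new(algorithm, der).hexdigest()


def normalize(text):
    """Drop separators (':', spaces, '-') and lower-case so formats compare equal."""
    cleaned = re.sub(r"[\s:.-]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]+", cleaned):
        raise ValueError("fingerprint is not hexadecimal")
    return cleaned


def root_matches(pem_text, trusted_fingerprint, algorithm="sha1"):
    """True only if the retrieved root hashes to the out-of-band value."""
    expected = normalize(trusted_fingerprint)
    actual = fingerprint(pem_to_der(pem_text), algorithm)
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    published = fingerprint(SAMPLE_DER)  # stands in for the CA administrator's value
    print("match:", root_matches(SAMPLE_PEM, published))
```

The hash algorithm passed to root_matches must be the one the CA administrator used when publishing the fingerprint.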
# Generate an RSA key pair.
Select VPN > Certificate Management > Certificate from the navigation tree and then click Create
Key to perform the configurations shown in Figure 201.