HP VPN Firewall Appliances VPN Configuration Guide
265
Item Descri
p
tion
CA Identifier
Enter the identifier of the trusted CA.
An entity requests a certificate from a trusted CA. The trusted CA takes the responsibility
of certificate registration, distribution, and revocation, and query.
IMPORTANT:
• In offline mode, this item is optional. In other modes, this item is required.
• The CA identifier is required only when you retrieve a CA certificate. It is not used
during local certificate request.
Entity Name
Select the local PKI entity.
When submitting a certificate request to a CA, an entity needs to show its identity
information.
Available PKI entities are those that have been configured on the Web interface you can
enter by selecting VPN > Certificate Management > Entity.
Institution
Select the authority for certificate request.
• CA—Entity requests a certificate from a CA.
• RA—Entity requests a certificate from an RA.
Requesting URL
Enter the URL of the RA.
The entity will submit the certificate request to the server at this URL through the SCEP
protocol. The SCEP protocol is intended for communication between an entity and an
authentication authority.
In offline mode, this item is optional. In other modes, this item is required.
IMPORTANT:
• In offline mode, this item is optional. In other modes, this item is required.
• This item does not support domain name resolution.
LDAP IP
Enter the IP address, port number, and version number of the LDAP server.
Usually, an LDAP server stores certificates and CRL information. The LDAP server must be
configured properly..
Port
Version
Request Mode
Select the online certificate request mode, which can be Auto or Manual.
Password
Set a password for certificate revocation and re-enter it for confirmation.
The two boxes are available only when the certificate request mode is set to Auto..
Confirm Password