Specifications

ManualsBrandsSiemens ManualsIP PhoneHIPATH V1.2.33

181

182

183

184

185

186

187

188

189

190

Explorers Nur für den internen Gebrauch

A31003-H3580-M103-2-76A9, 01-2009

7-52 HiPath 3000/5000 V8 - HG 1500 V8, Administrator Documentation

hg-07.fm

Security

The Generate IPsec Peer Certificate mask is displayed. You can edit the following fields:

● Passphrase for encryption: Enter a password that you have defined (with at least seven

characters) in this field. This password is requested if you want to import or view a

PKCS#12 file.

● Reenter Passphrase for encryption: Repeat the password specified above in this field.

● Serial Number of Certificate: Enter a serial number that you defined in this field. The num-

ber must be a positive integer.

The other fields are the same as those available when generating a CA certificate (see Section

7.2.5.6, "Generating CA certificates").

When all settings are complete, click Generate Certificate. The Web browser displays a mask

that lets you save the certificate file under a random name and in a random location. The cer-

tificate name is used for the file name. Enter .p12 as the file extension.

You must activate the configuration for the changes to become effective in the configuration –

see Section 7.2.5.2, "Activate the Configured VPN Tables".

7.2.5.11 Updating CA-signed peer certificates [X.509]

You can extend the period of validity of a CA-signed peer certificate: This is only possible if you

have already saved a CA-signed server certificate as PKCS#12 file (see Section 7.2.5.10, "Ge-

nerating CA-signed peer certificates [PKCS#12]").

WBM path:

WBM (write access activated with the Padlock icon in the control area?) > Explorers > Security

> (double-click) VPN > (double-click) Lightweight CA > (right-click) selected certificate > Up-

date CA-Signed Peer Certificate [X.509]

The Update Ipsec Peer Certificate mask is displayed. You can edit the following fields:

● Serial Number of Certificate: Enter a serial number that you defined in this field. The num-

ber must be a positive integer.

● Certificate to be Updated: Enter the path and the file name of the certificate to be updated.

Click Browse... to open a dialog to search for the certificate.

● Start Time of Validity Period (GMT): Enter the start time for certificate validity in these

fields. The time specified is interpreted as Greenwich Mean Time (GMT).

● End Time of Validity Period (GMT): Enter the end time for certificate validity in these fields.

The time specified is interpreted as Greenwich Mean Time (GMT).

A serial number that is used once may not be used for another certificate as the

serial number must be unique for every certificate that is created.