EasyManuals Logo
Home>HP>Switch>3600 v2 Series

HP 3600 v2 Series Configuration Guide

HP 3600 v2 Series
449 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #266 background imageLoading...
Page #266 background image
253
needs to query the status of the request periodically to get the certificate as soon as possible after
the certificate is signed. You can configure the polling interval and count to query the request status.
• IP address of the LDAP server—An LDAP server is usually deployed to store certificates and CRLs.
If this is the case, you must configure the IP address of the LDAP server.
• Fingerprint for root certificate verification—After receiving the root certificate of the CA, an entity
needs to verify the fingerprint of the root certificate, namely, the hash value of the root certificate
content. This hash value is unique to every certificate. If the fingerprint of the root certificate does not
match the one configured for the PKI domain, the entity will reject the root certificate.
Configuration guidelines
• Up to two PKI domains can be created on a switch.
• The CA name is required only when you retrieve a CA certificate. It is not used when in local
certificate request.
• The certificate request URL does not support domain name resolution.
Configuration procedure
To configure a PKI domain:
Step Command Remarks
1. Enter system view.
system-view N/A
2. Create a PKI domain and
enter its view.
pki domain domain-name No PKI domain exists by default.
3. Specify the trusted CA. ca identifier name
No trusted CA is specified by
default.
4. Specify the entity for
certificate request.
certificate request entity
entity-name
No entity is specified by default.
The specified entity must exist.
5. Specify the authority for
certificate request.
certificate request from { ca | ra }
No authority is specified by
default.
6. Configure the certificate
request URL.
certificate request url url-string
No certificate request URL is
configured by default.
7. Configure the polling interval
and attempt limit for querying
the certificate request status.
certificate request polling { count
count | interval minutes }
Optional.
The polling is executed for up to 50
times at the interval of 20 minutes
by default.
8. Specify the LDAP server.
ldap-server ip ip-address [ port
port-number ] [ version
version-number ]
Optional.
No LDP server is specified by
default.

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Security Configuration Guide
Security Configuration Guide398 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals