EasyManuals Logo
Home>HPE>Network Router>FlexNetwork MSR Series

HPE FlexNetwork MSR Series User Manual

HPE FlexNetwork MSR Series
861 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #448 background imageLoading...
Page #448 background image
94
Recommended configuration procedure for manual request
Step Remarks
1. Creating a PKI entity
Required.
Create a PKI entity and configure the identity information.
A certificate is the binding of a public key and the identity information of an
entity, where the distinguished name (DN) shows the identity information
of the entity. A CA identifies a certificate applicant uniquely by an entity
DN.
The DN settings of an entity must be compliant to the CA certificate issue
policy. Otherwise, the certificate request might be rejected. You must
know the policy to determine which entity parameters are mandatory or
optional.
2. Creating a PKI domain
Required.
Create a PKI domain, setting the certificate request mode to
Manual
.
Before requesting a PKI certificate, an entity needs to be configured with
some enrollment information, which is called a PKI domain.
A PKI domain is intended only for convenience of reference by other
applications like IKE and SSL, and has only local significance.
3. Generating an RSA key
pair
Required.
Generate a local RSA key pair.
By default, no local RSA key pair exists.
Generating an RSA key pair is an important step in certificate request.
The key pair includes a public key and a private key. The private key is
kept by the user, and the public key is transferred to the CA along with
some other information.
IMPORTANT:
If a local certificate already exists, you must remove the certificate before
generating a new key pair, so as to keep the consistency between the key
pair and the local certificate.
4. Retrieving the CA
certificate
Required.
Certificate retrieval serves the following purposes:
Locally store the certificates associated with the local security
domain for improved query efficiency and reduced query count,
Prepare for certificate verification.
IMPORTANT:
If a local CA certificate already exists, you cannot perform the CA
certificate retrieval operation. This restriction avoids possible mismatch
between certificates and registration information resulting from relevant
changes. To retrieve the CA certificate, you must remove the CA
certificate and local certificate first.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages
Preview: Comware 5 Security Configuration Guide
Comware 5 Security Configuration Guide547 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals