12 PKI Configuration
About This Chapter
12.1 PKI Overview
The Public Key Infrastructure (PKI) is a system that generates public keys and digital certificates,
and verifies identities of certificate subjects to ensure information security. PKI provides a
certificate management mechanism for the IP Security (IPSec) protocol and Secure Sockets
Layer (SSL) protocol.
12.2 PKI Features Supported by the AR1200-S
On the AR1200-S, you can configure PKI entities and PKI domains, enroll certificates manually
or automatically, authenticate certificate validity, manage certificates, import or export
certificates, and delete expired certificates.
12.3 Configuring a PKI Entity
A certificate binds a public key to a set of information that uniquely identifies a PKI entity. A
PKI entity identifies a certificate applicant.
12.4 Configuring a PKI Domain
Before an entity applies for a PKI certificate, registration information needs to be configured
for the entity. This set of registration information is the PKI domain of the entity.
12.5 Configuring Certificate Enrollment
Certificate enrollment is a process in which an entity registers with a CA and obtains a certificate
from the CA. During this process, the entity provides its identity information and public key,
which will be added to the certificate issued to the entity.
12.6 Configuring Certificate Authentication
Before a certificate is used, it must be authenticated.
12.7 Managing Certificates
Managing certificates includes deleting, importing, and exporting certificates, and configuring
the default path where certificates are stored.
12.8 Configuration Examples
Huawei AR1200-S Series Enterprise Routers
Configuration Guide - Security 12 PKI Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.