5–Managing Switches
Configuring the Network
5-50 59266-01 B
IPsec Certificates
A certificate is used to authenticate an IKE peer. A certificate name is a string of
up to 32 characters. The peer systems automatically exchange their own digital
certificates and provide authentication based on the validity of the certificates and
their enclosed public keys.
Use the IKE Certs dialog box to:
• Import or delete a certificate authority (CA)
• Generate, import, or delete a certificate key
• Import or delete a certificate
• Generate a certificate request
A certificate request specifies the information packaged in a certificate request
file. A certificate request file is generated on the switch and sent to the customer's
certificate authority vendor to be authenticated. After the certificate request file
contents are authenticated, the CA sends the customer a signed certificate for the
switch containing the public key, Distinguished Name (DN), AltNames, and CA identity.
This certificate can then be imported and used in the Certificate Name
field of the IKE Peer dialog (Figure 5-20) for public key authentication.
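A workstation-side check to run before importing the signed certificate, as an added example that is not part of the original manual or the vendor's tooling: it uses the OpenSSL command line to confirm that the returned certificate verifies against the CA, carries the public key from the request, and has the requested DN. The function names, file names, PEM encoding of the files, and the lab fixture are assumptions made for this illustration.

```sh
#!/bin/sh
# Usage: check_signed_cert REQUEST.csr SIGNED.pem CA.pem CERT_NAME
# File names and PEM encoding are assumptions; returns 0 only if every check passes.
check_signed_cert() {
    csr=$1; cert=$2; ca=$3; name=$4

    # Certificate name: up to 32 characters (requiring non-empty is an assumption).
    { [ "${#name}" -ge 1 ] && [ "${#name}" -le 32 ]; } ||
        { echo "certificate name must be 1-32 characters" >&2; return 1; }

    # The request file must be intact: its self-signature has to verify.
    openssl req -in "$csr" -noout -verify 2>&1 | grep -q "verify OK" ||
        { echo "CSR self-signature invalid" >&2; return 2; }

    # CA identity: the certificate must verify against the CA being imported.
    openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1 ||
        { echo "certificate not issued by this CA" >&2; return 3; }

    # Public key: must be the key from the request, not a substituted one.
    k_req=$(openssl req -in "$csr" -noout -pubkey | openssl sha256)
    k_crt=$(openssl x509 -in "$cert" -noout -pubkey | openssl sha256)
    [ "$k_req" = "$k_crt" ] || { echo "public key mismatch" >&2; return 4; }

    # DN: the subject in the certificate must equal the requested subject.
    dn_req=$(openssl req -in "$csr" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//')
    dn_crt=$(openssl x509 -in "$cert" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//')
    [ "$dn_req" = "$dn_crt" ] || { echo "DN mismatch" >&2; return 5; }
}

# Constructed lab fixture (not real switch output): a throwaway CA, a key and
# CSR standing in for the switch's request, the matching signed certificate,
# and "other.pem", a certificate with the same DN issued for a different key.
make_demo_fixture() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Example Lab CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null
    for n in switch other; do
        openssl req -new -newkey rsa:2048 -nodes \
            -subj "/O=Example/CN=switch1.example.test" \
            -keyout "$dir/$n.key" -out "$dir/$n.csr" 2>/dev/null
        openssl x509 -req -in "$dir/$n.csr" -CA "$dir/ca.pem" -CAkey "$dir/ca.key" \
            -CAcreateserial -days 1 -out "$dir/$n.pem" 2>/dev/null
    done
}
```

A non-zero return code identifies which property failed: 3 for the CA signature, 4 for the public key, 5 for the DN.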
Figure 5-24. IKE Certificates Dialog Box
Table 5-11 provides field definitions for the IKE Certificates dialog box.
Table 5-11. IKE Certificates Dialog Box Buttons
Button       Description
Import CA    Imports a certificate authority—an entity or vendor that issues and verifies certificates for use by other parties