2)  The RA reviews the identity of the entity and then sends the identity information and the public key 
with a digital signature to the CA.  
3)  The CA verifies the digital signature, approves the application, and issues a certificate. 
4)  The RA receives the certificate from the CA, sends it to the LDAP server to provide directory 
navigation service, and notifies the entity that the certificate is successfully issued. 
5)  The entity retrieves the certificate. With the certificate, the entity can communicate with other 
entities safely through encryption and digital signature.  
6)  When the entity needs to revoke its certificate, it makes a request to the CA. The CA approves 
the request, updates the CRLs, and publishes the CRLs on the LDAP server. 
PKI Configuration Task List 
Complete the following tasks to configure PKI: 

Task                                                 Remarks 
Configuring an Entity DN                             Required 
Configuring a PKI Domain                             Required 
Submitting a PKI Certificate Request:                Required (use either approach) 
  Submitting a Certificate Request in Auto Mode 
  Submitting a Certificate Request in Manual Mode 
Retrieving a Certificate Manually                    Optional 
Configuring PKI Certificate                          Optional 
Destroying a Local RSA Key Pair                      Optional 
Deleting a Certificate                               Optional 
Configuring an Access Control Policy                 Optional 
 
Configuring an Entity DN 
A certificate is the binding of a public key and the identity information of an entity, where the identity 
information is identified by an entity distinguished name (DN). A CA identifies a certificate applicant 
uniquely by entity DN. 
An entity DN is defined by these parameters: 
•  Common name of the entity. 
•  Country code of the entity, a standard 2-character code. For example, CN represents China and US represents the United States of America. 
•  Fully qualified domain name (FQDN) of the entity, a unique identifier of an entity on the network. It consists of a host name and a domain name and can be resolved to an IP address. For example, www.whatever.com is an FQDN, where www is a host name and whatever.com a domain name. 
•  IP address of the entity. 
•  Locality where the entity resides. 
•  Organization to which the entity belongs. 
•  Unit of the entity in the organization. 
•  State where the entity resides.
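
Because the CA identifies an applicant by its entity DN, it helps to check the parameters above before a certificate request is submitted. The following is an added example, not part of the original manual or of any device software: it validates the listed parameters and renders the standard attributes as an RFC 4514 string with escaping. The function names, the dictionary keys, the upper-case country rule and the choice to keep FQDN and IP out of the rendered string are assumptions.

```python
import ipaddress
import re

# Mapping the page's parameters to RFC 4514 short names is an assumption.
DN_ATTRS = [("common_name", "CN"), ("unit", "OU"), ("organization", "O"),
            ("locality", "L"), ("state", "ST"), ("country", "C")]
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
# Constructed sample entity; every value is illustrative.
SAMPLE = {"common_name": "switch-01", "country": "CN", "fqdn": "www.whatever.com",
          "ip": "192.0.2.10", "locality": "Hangzhou", "state": "Zhejiang",
          "organization": "Example, Inc.", "unit": "Network Ops"}


def check_entity(params):
    """Return a list of problems in the entity DN parameters (empty means OK)."""
    problems = []
    for key, _ in DN_ATTRS:
        value = params.get(key)
        if value is not None and (not value or value != value.strip()
                                  or any(ord(c) < 32 for c in value)):
            problems.append(f"{key}: empty, padded or has control characters")
    country = params.get("country")
    # Upper case is an assumption; the page only says "2-character code".
    if country is not None and not re.fullmatch(r"[A-Z]{2}", country):
        problems.append("country: must be a 2-character code such as CN or US")
    fqdn = params.get("fqdn")
    if fqdn is not None:
        labels = fqdn.rstrip(".").split(".")
        if len(labels) < 2 or not all(LABEL.fullmatch(x) for x in labels):
            problems.append("fqdn: need a host name plus a domain name")
    if params.get("ip") is not None:
        try:
            ipaddress.ip_address(params["ip"])
        except ValueError:
            problems.append("ip: not a valid IP address")
    return problems


def escape_value(value):
    """Escape RFC 4514 special characters so a value cannot add extra RDNs."""
    out = "".join("\\" + c if c in ',+"\\<>;' else c for c in value)
    return "\\" + out if out.startswith("#") else out


def render_dn(params):
    """Render the standard attributes as an RFC 4514 string, CN first."""
    return ",".join(f"{short}={escape_value(params[key])}"
                    for key, short in DN_ATTRS if params.get(key))
```

The escaping step matters because an unescaped comma in a value such as an organization name would otherwise be read as the start of another attribute, changing the identity the CA sees.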