Version 6.8 91 Mediant 2600 E-SBC
User's Manual 10. Configuring SSL/TLS Certificates
10.1.2 Assigning CSR-based Certificates to TLS Contexts
The following procedure describes how to request a digitally signed certificate from a
Certification Authority (CA) for a TLS Context. This process is referred to as a certificate
signing request (CSR) and is required if your organization employs a Public Key
Infrastructure (PKI) system. The CSR contains information identifying the device (such as a
distinguished name in the case of an X.509 certificate).
To assign a CSR-based certificate to a TLS Context:
1. Your network administrator should allocate a unique DNS name for the device (e.g.,
dns_name.corp.customer.com). This DNS name is used to access the device and
therefore, must be listed in the server certificate.
2. Open the TLS Contexts page (Configuration tab > System menu > TLS Contexts).
3. In the TLS Contexts table, select the required TLS Context index row, and then click
the Context Certificates button, located at the bottom of the TLS Contexts page;
the Context Certificates page appears.
4. Under the Certificate Signing Request group, do the following:
a. In the 'Subject Name [CN]' field, enter the DNS name.
b. From the 'Signature Algorithm' drop-down list, select the hash function algorithm
(SHA-1, SHA-256, or SHA-512) with which to sign the certificate.
c. Fill in the rest of the request fields according to your security provider's
instructions.
d. Click the Create CSR button; a textual certificate signing request is displayed in
the area below the button:
Figure 10-2: Certificate Signing Request Group
To Next Page
Loading...
