EasyManuals Logo

HP 5920 Series Configuration Guide

HP 5920 Series
424 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #198 background imageLoading...
Page #198 background image
187
1. A PKI entity submits a certificate request to the RA.
2. The RA verifies the identity of the entity and sends a digital signature containing the identity
information and the public key to the CA.
3. The CA verifies the digital signature, approves the request, and issues a certificate.
4. After receiving the certificate from the CA, the RA sends the certificate to the LDAP server or other
certificate repositories to provide directory navigation services. It notifies the PKI entity that the
certificate is successfully issued.
5. The entity obtains the certificate from the certificate repository.
PKI applications
The PKI technology can meet security requirements of online transactions. As an infrastructure, PKI has a
wide range of applications. Here are some application examples.
• VPN—A VPN is a private data communication network built on the public communication
infrastructure. A VPN can leverage network layer security protocols (for example, IPsec) in
conjunction with PKI-based encryption and digital signature technologies for confidentiality.
• Secure emails—PKI can address the email requirements for confidentiality, integrity, authentication,
and non-repudiation. A common secure email protocol is Secure/Multipurpose Internet Mail
Extensions (S/MIME), which is based on PKI and allows for transfer of encrypted mails with
signature.
• Web security—PKI are used in the SSL handshake phase to verify the identities of the
communicating parties by digital certificates.
Support for MPLS L3VPN
An enterprise might have multiple branches in different VPNs. PKI support for MPLS L3VPN is required if
users in different VPNs request certificates from the CA server in the headquarters VPN.
As shown in Figure 72,
the PKI entity in VPN 1 requests a certificate from the CA server in VPN 3 in the
f
ollowing workflow:
1. The PKI entity submits a certificate request to the CA server.
2. The PE device that connects to the PKI entity transmits the request to the CA server through MPLS
L3VPN.
3. The CA server verifies the request and issues the certificate.
4. The PE device that connects to the CA server transmits the certificate to the PKI entity.
For information about MPLS L3VPN, see MPLS Configuration Guide.

Table of Contents

Other manuals for HP 5920 Series

Preview: Command Reference
Command Reference607 pages
Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide215 pages
Preview: Installation Guide
Installation Guide63 pages
Preview: Troubleshooting Guide
Troubleshooting Guide52 pages
Preview: Fc And Fcoe Configuration Guide
Fc And Fcoe Configuration Guide257 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual58 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5920 Series and is the answer not in the manual?

HP 5920 Series Specifications

General IconGeneral
BrandHP
Model5920 Series
CategorySwitch
LanguageEnglish

Related product manuals