188
Figure 72 PKI support for MPLS L3VPN
FIPS compliance
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features,
commands, and parameters might differ in FIPS mode (see "Configuring FIPS") and non-
FIPS mode.
PKI configuration task list
Tasks at a glance
(Required.) Configuring a PKI entity
(Required.) Configuring a PKI domain
(Required.) Requesting a certificate
• Configuring automatic certificate request
• Manually requesting a certificate
(Optional.) Aborting a certificate request
(Optional.) Obtaining certificates
(Optional.) Verifying PKI certificates
(Optional.) Specifying the storage path for the certificates and CRLs
(Optional.) Exporting certificates
(Optional.) Removing a certificate
(Optional.) Configuring a certificate access control policy
Configuring a PKI entity
A CA identifies a certificate applicant by the identity information. A valid PKI entity must include at least
one of following identity categories:
• Distinguished name (DN) of the entity, which further includes the common name, county code,
locality, organization, unit in the organization, and state. If you configure the DN for an entity, a
common name is required.
To Next Page
Loading...
