EasyManuals Logo

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #269 background imageLoading...
Page #269 background image
256
d. Specify the path for certificate service in the Local path text box.
To avoid conflict with existing services, specify an available port number as the TCP port
number of the default website.
5. Synchronize the system time of the device with the CA server, so that the device can correctly
request certificates or obtain CRLs.
Configuring the router
1. Configure the entity DN:
# Configure the entity name as aaa and the common name as router.
<Router> system-view
[Router] pki entity aaa
[Router-pki-entity-aaa] common-name router
[Router-pki-entity-aaa] quit
2. Configure the PKI domain:
# Create PKI domain torsa and enter its view.
[Router] pki domain torsa
# Configure the name of the trusted CA as myca.
[Router-pki-domain-torsa] ca identifier myca
# Configure the URL of the registration server in the format of http://host:port/
certsrv/mscep/mscep.dll, where host:port indicates the IP address and port number of the CA
server.
[Router-pki-domain-torsa] certificate request url
http://4.4.4.1:8080/certsrv/mscep/mscep.dll
# Set the registration authority to RA.
[Router-pki-domain-torsa] certificate request from ra
# Specify the entity for certificate request as aaa.
[Router-pki-domain-torsa] certificate request entity aaa
3. Generate a local key pair using RSA:
[Router] public-key local create rsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
it will take a few minutes.
Press CTRL+C to abort.
Input the bits in the modulus [default = 1024]:
Generating Keys...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++
4. Apply for certificates:
# Retrieve the CA certificate and save it locally.
[Router] pki retrieval-certificate ca domain torsa
Retrieving CA/RA certificates. Please wait a while......
The trusted CA's finger print is:
MD5 fingerprint:766C D2C8 9E46 845B 4DCE 439C 1C1F 83AB
SHA1 fingerprint:97E5 DDED AB39 3141 75FB DB5C E7F8 D7D7 7C9B 97B4

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals