Managing certificates
Overview
Public Key Infrastructure (PKI) offers an infrastructure for securing network services. PKI, also called
asymmetric key infrastructure, uses a pair of keys (one private and one public) for data encryption
and decryption. Data encrypted with the public key can be decrypted only with the private key, and
vice versa.
PKI uses digital certificates to distribute and employ public keys, and provides network
communication and e-commerce with security services such as user authentication, data
confidentiality, and data integrity.
Hewlett Packard Enterprise's PKI system provides certificate management for IPsec, SSL, and
WAPI.
PKI technology can satisfy the security requirements of online transactions. As an infrastructure,
PKI has a wide range of applications. Some application examples:
• VPN—A VPN is a private data communication network built on the public communication infrastructure. A VPN can leverage network layer security protocols (for example, IPsec) in conjunction with PKI-based encryption and digital signature technologies to achieve confidentiality.
• Secure email—Emails require confidentiality, integrity, authentication, and non-repudiation. PKI can address these needs. A common secure email protocol is S/MIME, which is based on PKI and allows signed and encrypted mail to be transferred.
• Web security—For Web security, two peers can first establish an SSL connection for transparent and secure communication at the application layer. With PKI, SSL enables encrypted communication between a browser and a server, and both communicating parties can verify each other's identity through digital certificates.
For more information about PKI, see Security Configuration Guide.
Recommended configuration procedure
The system supports the following PKI certificate request modes:
• Manual—In manual mode, you must manually retrieve a CA certificate, generate a local RSA key pair, and submit a local certificate request for an entity.
• Auto—In auto mode, an entity automatically requests a certificate through SCEP (Simple Certificate Enrollment Protocol) when it has no local certificate or the current certificate is about to expire.
You can specify the PKI certificate request mode for a PKI domain. Different PKI certificate request
modes require different configurations.
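The three manual-mode steps above, carried out with OpenSSL on a workstation as an added example (this is not the HPE guide's procedure; on the switch the web interface performs these steps). It assumes a scratch directory WORK, a constructed demonstration CA standing in for the CA you retrieve manually, and an example entity CN; the fingerprint check is the step a manually retrieved CA certificate needs before it is trusted.

```shell
#!/bin/sh
# Added example, not from the HPE guide: the manual-mode steps carried out with
# OpenSSL on a workstation. On the switch the web interface performs them; this
# shows what each step produces and the check a manually retrieved CA cert needs.
set -eu
WORK="${WORK:-$(mktemp -d)}"   # assumed scratch directory

# Manual-mode step: generate a local RSA key pair for the entity.
gen_rsa_keypair() {            # $1 = private key file to write
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1" 2>/dev/null
}

# Manual-mode step: build the local certificate request for an entity identified by CN.
gen_entity_csr() {             # $1 = private key, $2 = entity CN, $3 = CSR file to write
    openssl req -new -key "$1" -subj "/CN=$2" -out "$3"
}

# Sanity check before submitting the request: the CSR carries the public half of our key.
csr_matches_key() {            # $1 = private key, $2 = CSR
    [ "$(openssl req -in "$2" -noout -pubkey)" = "$(openssl pkey -in "$1" -pubout)" ]
}

# Manual-mode step: a manually retrieved CA certificate is trusted only after its
# SHA-256 fingerprint matches a value obtained out of band (e.g. from the CA operator).
ca_fingerprint_matches() {     # $1 = CA cert (PEM), $2 = expected colon-separated fingerprint
    actual=$(openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2)
    [ "$actual" = "$2" ]
}

# Constructed CA for the demonstration only; stands in for the CA you retrieve manually.
make_constructed_ca() {        # $1 = CA cert file to write (key goes to $1.key)
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$1.key" -days 1 \
        -subj "/CN=Constructed Demo CA" -out "$1" 2>/dev/null
}

main() {
    gen_rsa_keypair "$WORK/entity.key"
    gen_entity_csr "$WORK/entity.key" "switch1.example.test" "$WORK/entity.csr"
    csr_matches_key "$WORK/entity.key" "$WORK/entity.csr" && echo "CSR ready: $WORK/entity.csr"
    make_constructed_ca "$WORK/ca.crt"
    # The out-of-band value is simulated here by reading it from the constructed CA itself.
    expected=$(openssl x509 -in "$WORK/ca.crt" -noout -fingerprint -sha256 | cut -d= -f2)
    ca_fingerprint_matches "$WORK/ca.crt" "$expected" && echo "CA fingerprint verified"
    ca_fingerprint_matches "$WORK/ca.crt" "AA:BB" || echo "mismatched fingerprint rejected"
}
main
```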