Figure 12-2 PKI configuration roadmap
Configure a PKI entity
Configure a PKI entity identifier
(Optional) Configure PKI entity
attributes
Configure a PKI domain
Create a PKI domain
Configure the trusted CA name and
enrollment URL
(Optional) Configure CA certificate
fingerprint
(Optional) Configure other attributes
in the PKI domain
Configure manual certificate
enrollment, configure automatic
certificate enrollment and update, or
configure a self-signed or local
certificate
Configure certificate
enrollment
Delete a CA certificate or local
certificate
Import a certificate
Export a certificate
(Optional) Configure
certificate authentication
(Optional) Manage
certificates
Configure the certificate check mode
Check certificate validity
License Support
The PKI function is used with a license. To use the PKI function, apply for and purchase the
following license from the Huawei local office:
l AR1200 Value-Added Security Package
12.3 Configuring a PKI Entity
A certificate binds a public key to a set of information that uniquely identifies a PKI entity. A
PKI entity identifies a certificate applicant.
12.3.1 Establishing the Configuration Task
Before configuring a PKI entity, familiarize yourself with the applicable environment, complete
the pre-configuration tasks, and obtain the data required for configuration. This will help you
complete the configuration task quickly and accurately.
Applicable Environment
A certificate binds a public key to a set of information that uniquely identifies a PKI entity. A
distinguished name (DN) of an entity is the identity information of the entity. The identity
information provided by an entity uniquely identifies a certificate applicant.
Huawei AR1200-S Series Enterprise Routers
Configuration Guide - Security 12 PKI Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
237
To Next Page
Loading...
