Step 2 Run:
pki realm realm-name
A PKI domain is configured.
By default, no PKI domain is configured on the AR1200-S.
Step 3 Run:
rsa-key-size size
The RSA key length of certificates is set.
By default, the RSK key length of certificates is 1024 on the AR1200-S.
----End
12.4.8 (Optional) Configuring a Source IP Address for TCP
Connection Setup
The AR1200-S uses a specified source IP address to establish a TCP connection with the Simple
Certificate Enrollment Protocol (SCEP) server or Online Certificate Status Protocol (OCSP)
server.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
pki realm realm-name
A PKI domain is configured.
By default, no PKI domain is configured on the AR1200-S.
Step 3 Run:
source interface interface-name
The source interface is specified. The AR1200-S uses the IP address of this interface to set up
a TCP connection.
By default, the AR1200-S uses an outbound interface's IP address as the source IP address for
TCP connection setup.
----End
12.4.9 Checking the Configuration
After a PKI domain is configured, you can check the PKI domain configuration.
Procedure
l Run the display pki realm [ pki-realm-name ] command to check the PKI domain
configuration.
----End
Huawei AR1200-S Series Enterprise Routers
Configuration Guide - Security 12 PKI Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
244
To Next Page
Loading...
Need help?
General
