Chapter 2 Setting Up XSCF 2-61
b. Using the self CA
1. Construct the self CA for the XSCF.
2. Create a web server private key for the XSCF.
3. Make a web server certificate self-signed by the XSCF.
4. Enable https.
When one option of the sethttps(8) command for the self-authentication is
specified, the settings for Step 1 - Step 3 above are automatically completed at a time.
â– When the XSCF Unit is redundant, the https settings are automatically applied to
the standby XSCF Unit.
TABLE 2-11 lists setting items and the corresponding shell commands.
TABLE 2-11 https Administration
Item Description Shell Command Remarks
Display https
setting
Displays the https settings.
Information on whether https is enabled or
disabled and key states are displayed.
showhttps
Enabling/
disabling
Enables or disables https. sethttps
External
authentication
When the external CA and CA in Intranet are
used, set the following.
• Create a web server private key of XSCF
• Make the Certificate Signing Request (CSR)
by XSCF and Request the issue of the
certificate to CA.
• Import a web server certificate to XSCF.
sethttps Specify the following
Distinguished Name for
making a CSR.
• Country (2 letter: Ex.US,
JP), Province, Locality,
Organization,
Organizational unit,
Common name (Your name
or web server host name),
email address of
administrator
• Each value, except for
Country, must consist of up
to 64 characters.
For details of DN, see the
sethttps(8) man page, or
the XSCF Reference Manual.
To Next Page
Loading...
Need help?
General
