Chapter 2 Setting Up XSCF 2-61
b. Using the self CA
1. Construct the self CA for the XSCF.
2. Create a web server private key for the XSCF.
3. Make a web server certificate self-signed by the XSCF.
4. Enable https.
When one option of the sethttps(8) command for the self-authentication is
specified, the settings for Step 1 - Step 3 above are automatically completed at a time.
■ When the XSCF Unit is redundant, the https settings are automatically applied to
the standby XSCF Unit.
TABLE 2-11 lists setting items and the corresponding shell commands.
TABLE 2-11 https Administration
Item Description Shell Command Remarks
Display https
setting
Displays the https settings.
Information on whether https is enabled or
disabled and key states are displayed.
showhttps
Enabling/
disabling
Enables or disables https. sethttps
External
authentication
When the external CA and CA in Intranet are
used, set the following.
• Create a web server private key of XSCF
• Make the Certificate Signing Request (CSR)
by XSCF and Request the issue of the
certificate to CA.
• Import a web server certificate to XSCF.
sethttps Specify the following
Distinguished Name for
making a CSR.
• Country (2 letter: Ex.US,
JP), Province, Locality,
Organization,
Organizational unit,
Common name (Your name
or web server host name),
email address of
administrator
• Each value, except for
Country, must consist of up
to 64 characters.
For details of DN, see the
sethttps(8) man page, or
the XSCF Reference Manual.
To Next Page
Loading...
