Cisco 3002 - VPN Hardware Client Specifikace Strana 178

  • Stažení
  • Přidat do mých příruček
  • Tisk
  • Strana
    / 318
  • Tabulka s obsahem
  • ŘEŠENÍ PROBLÉMŮ
  • KNIHY
  • Hodnocené. / 5. Na základě hodnocení zákazníků
Zobrazit stránku 177
12-30
VPN 3002 Hardware Client Reference, Release 4.0
OL-3813-01
Chapter 12 Administration
Obtaining SSL Certificates
Obtaining SSL Certificates
If you use a secure connection between your browser and the VPN 3002, the VPN 3002 requires an SSL
certificate. You only need one SSL certificate on your VPN 3002.
When you initially boot the VPN 3002, a self-signed SSL certificate is automatically generated. Because
a self-signed certificate is self-generated, this certificate is not verifiable. No CA has guaranteed its
identity. But this certificate allows you to make initial contact with the VPN 3002 using the browser. If
you want to replace it with another self-signed SSL certificate, follow these steps:
Step 1 Display the Administration | Certificate Management screen. (See Figure 12-19.)
Step 2 Click Generate above the SSL Certificate table. The new certificate appears in the SSL Certificate table,
replacing the existing one.
If you want to obtain a verifiable SSL certificate (that is, one issued by a CA), follow the same procedure
you used to obtain identity certificates. (See the Enrolling and Installing Identity Certificates
Automatically Using SCEP section.) But this time, on the Administration | Certificate Management |
Enroll screen, click SSL certificate (instead of Identity certificate).
Some web servers export their SSL certificates with the private key attached. If you have a PEM-encoded
certificate with a corresponding private key that you want to install, follow the same procedure you used
to obtain identity certificates. (See the Enrolling and Installing Identity Certificates Automatically
Using SCEP section.) But this time, on the Administration | Certificate Management | Installation
screen, click Install SSL certificate with private key (instead of Install certificate obtained via
enrollment).
Enabling Digital Certificates on the VPN 3002
Note Before you enable digital certificates on the VPN 3002, you must obtain at least one CA and one
identity certificate. If you do not have a CA and an identity certificate installed on your VPN 3002,
follow the steps in the previous section before beginning this section.
For the VPN 3002 to use the digital certificates you obtained, you must enable authentication using
digital certificates.
Step 1 Display the Configuration | System | Tunneling Protocols | IPSec screen.
Zobrazit stránku 177
1 2 ... 173 174 175 176 177 178 179 180 181 182 183 ... 317 318

Komentáře k této Příručce

Žádné komentáře