Allied Telesis AT-S63 User Manual

Contents

12

Section VIII: Management Security ......................................................................749

Chapter 32: Web Server ..............................................................................................................................751
Web Server Overview .....................................................................................................................................752

Supported Protocols .................................................................................................................................752

Configuring the Web Server............................................................................................................................753
General Steps for Configuring the Web Server for Encryption .......................................................................756

General Steps for a Self-signed Certificate ..............................................................................................756
General Steps for a Public or Private CA Certificate ................................................................................756

Chapter 33: Encryption Keys ......................................................................................................................759
Basic Overview ...............................................................................................................................................760

Encryption Key Length .............................................................................................................................761
Encryption Key Guidelines .......................................................................................................................761

Technical Overview.........................................................................................................................................762

Data Encryption ........................................................................................................................................762
Data Authentication ..................................................................................................................................764
Key Exchange Algorithms ........................................................................................................................765

Creating an Encryption Key ............................................................................................................................767
Deleting an Encryption Key.............................................................................................................................771
Modifying an Encryption Key ..........................................................................................................................772
Exporting an Encryption Key...........................................................................................................................773
Importing an Encryption Key...........................................................................................................................776
Displaying the Encryption Keys ......................................................................................................................779

Chapter 34: PKI Certificates and SSL ........................................................................................................781
Basic Overview ...............................................................................................................................................782

Types of Certificates.................................................................................................................................782
Distinguished Names................................................................................................................................783
SSL and Enhanced Stacking....................................................................................................................784
Guidelines.................................................................................................................................................785

Technical Overview.........................................................................................................................................786

SSL Encryption.........................................................................................................................................786
User Verification .......................................................................................................................................787
Authentication...........................................................................................................................................788
Public Key Infrastructure ..........................................................................................................................788
Public Keys...............................................................................................................................................788
Message Encryption .................................................................................................................................788
Digital Signatures .....................................................................................................................................788
Certificates................................................................................................................................................789
Elements of a Public Key Infrastructure ...................................................................................................790
Certificate Validation.................................................................................................................................791
Certificate Revocation Lists (CRLs)..........................................................................................................791
PKI Implementation ..................................................................................................................................792

Creating a Self-signed Certificate ...................................................................................................................793
Adding a Certificate to the Database ..............................................................................................................797
Modifying a Certificate ....................................................................................................................................800
Deleting a Certificate.......................................................................................................................................803
Viewing a Certificate .......................................................................................................................................805
Generating an Enrollment Request.................................................................................................................808
Installing CA Certificates onto a Switch ..........................................................................................................811
Viewing or Configuring the Number of Certificates in the Database ...............................................................812
Configuring SSL..............................................................................................................................................813