ADC CUDA 3 User Manual

ADC Telecommunications, Inc.

458

C

HAPTER

19: M

ANAGING

C

ABLE

M

ODEMS

Configuring Trust and Validity for Manufacturer Certificates

A Certificate Authority (CA) is a self-signed certificate containing the DOCSIS
CA’s trusted public key. The manufacturer issues an X.509 certificate that
binds the cable modem public key to other identifying information. BPI+ uses
the X.509 digital certificate to authenticate key exchanges between the
cable modem and CMTS.

You can configure and display trust for all new self-assigned manufacturer
certificates, as well as for existing certificates for a specified cable modem. In
addition you can configure certificates to have or not to have their validity
period checked against the current time of day. Note that this task applies to
BPI+ only.

Configuring trust and validity for certificates involves setting the following
parameters:

Table 19-5 Parameters for Setting and Displaying Trust and Validity for

Certificates

Parameter

Description

interface cable <c/s/i>

The interface for which you want to display
certificates.

mac-address

The MAC address of the cable modem for which
you want to display certificates.

trusted

Sets a valid certificate.

untrusted

Sets an invalid certificate. The default is set to
untrusted.

enable

Sets the certificate to True. This means that the
validity is checked against the current time of day.

disable

Sets the certificate to False. This means that the
validity is not checked against the current time of
day.

learnt

Indicates that you want to display the certificates
for the cable modems.

provisioned

Indicates that you want to display the certificates
for the provisioned cable modem.

details

Indicates that you want to display the BPI+
privacy authorization for the provisioned cable
modem.