H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 621
600
4.
Configure the parameters as described in
.
5.
Click Apply.
Table 191 Configuration items
Item Description
Domain Name
Enter the name for the PKI domain.
CA Identifier
Enter the identifier of the trusted CA.
An entity requests a certificate from a trusted CA. The trusted CA takes the
responsibility of certificate registration, distribution, and revocation, and query.
In offline mode, this item is optional. In other modes, this item is required.
Entity Name
Select the local PKI entity.
When submitting a certificate request to a CA, an entity needs to show its identity
information.
Available PKI entities are those that have been configured.
Institution
Select the authority for certificate request:
•
CA—The entity requests a certificate from a CA.
•
RA—The entity requests a certificate from an RA.
RA is recommended.
Requesting URL
Enter the URL of the RA.
The entity will submit the certificate request to the server at this URL through the SCEP
protocol. The SCEP protocol is intended for communication between an entity and an
authentication authority.
In offline mode, this item is optional. In other modes, this item is required.
IMPORTANT:
This item does not support domain name resolution.
LDAP IP
Port
Version
Enter the IP address, port number and version of the LDAP server.
In a PKI system, the storage of certificates and CRLs is a crucial problem, which is
usually addressed by deploying an LDAP server.
Request Mode
Select the online certificate request mode: Auto or Manual.
Password
Confirm Password
Enter and confirm the password for certificate revocation.
The parameters appear when the certificate request mode is set to Auto.