Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual

Page 332

Advertising
background image

320

Figure 209 Network diagram

Configuration procedure

1.

Configure SecPath A:
# Configure the entity DN.

<SecPathA> system-view

[SecPathA] pki entity en

[SecPathA-pki-entity-en] ip 2.2.2.1

[SecPathA-pki-entity-en] common-name SecPatha

[SecPathA-pki-entity-en] quit

# Configure the PKI domain. The URL of the registration server varies with the CA server.

[SecPathA] pki domain 1

[SecPathA-pki-domain-1] ca identifier CA1

[SecPathA-pki-domain-1] certificate request url

http://1.1.1.100/certsrv/mscep/mscep.dll

[SecPathA-pki-domain-1] certificate request entity en

[SecPathA-pki-domain-1] ldap-server ip 1.1.1.102

# Set the registration authority to RA.

[SecPathA-pki-domain-1] certificate request from ra

# Configure the CRL distribution URL. This is not necessary if CRL checking is disabled.

[SecPathA-pki-domain-1] crl url ldap://1.1.1.102

[SecPathA-pki-domain-1] quit

# Create a local key pair using RSA.

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals