Configuration guidelines – H3C Technologies H3C SecPath F1000-E User Manual

Page 337

Advertising

325

•

Specify the CRL distribution URL.

•

Re-configure the LDAP version.

Configuration guidelines

When you configure PKI, note the following guidelines:

•

Make sure the clocks of entities and the CA are synchronous. Otherwise, the validity period of
certificates will be abnormal.

•

The Windows 2000 CA server has some restrictions on the data length of a certificate request. If the
PKI entity identity information in a certificate request goes beyond a certain limit, the server will not

respond to the certificate request.

•

The SCEP add-on is required when you use the Windows Server as the CA. In this case, specify RA
as the authority for certificate request when you configure the PKI domain.

•

The SCEP add-on is not required when you use the RSA Keon software as the CA. In this case,

specify CA as the authority for certificate request when you configure the PKI domain.

Advertising

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands

Popular manuals