Table 2-11, Http – FUJITSU SPARC M4000 User Manual
Page 112
2-56
SPARC Enterprise Mx000 Servers XSCF User’s Guide • April 2008
1. Construct the self CA for the XSCF.
2. Create a web server private key for the XSCF.
3. Make a web server certificate self-signed by the XSCF.
4. Enable https.
When one option of the sethttps(8) command for the self-authentication is
specified, the settings for
above are automatically completed at a time.
■
When the XSCF Unit is redundant, the https settings are automatically applied to
the standby XSCF Unit.
lists setting items and the corresponding shell commands.
TABLE 2-11
https Administration
Item
Description
Shell Command
Remarks
Display https
setting
Displays the https settings.
Information on whether https is enabled or
disabled and key states are displayed.
showhttps
Enabling/
disabling
Enables or disables https.
sethttps
External
authentication
When the external CA and CA in Intranet are
used, set the following.
• Create a web server private key of XSCF
• Make the Certificate Signing Request (CSR)
by XSCF and Request the issue of the
certificate to CA.
• Import a web server certificate to XSCF.
sethttps
Specify the following
Distinguished Name for
making a CSR.
• Country (2 letter: Ex.US,
JP), Province, Locality,
Organization,
Organizational unit,
Common name (Your name
or web server host name),
email address of
administrator
Self
authentication
Automatically, the self CA is constructed in
XSCF and the certificate is installed.
The following are set.
• A self CA is constructed
• A private key is made
• A web server certificate self-signed is made
sethttps
Specify the same DN as the
External authentication at
making a web server
certificate.
Display the
certificate
Displays the following:
• CSR
• Web server certificate
showhttps
The certificate expiration of
the self-CA is as follows:
• Server certificate: 10 year
The set value becomes
effective, when the certificate
will be created next time.