Installing server certificates using cmp – Panasonic NN46110-600 User Manual
Page 87
Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".
Chapter 3 Using certificates 77
Installing server certificates using CMP
You use the Certificate Management Protocol (CMP) to create a CMP compliant
certificate request. CMP targets management functions for the entire certificate or
key life for enrollment, renewal, recovery, and revocation. It defines message
formats and includes its own message protection. The CA is located on the private
network if it has a publicly accessible IP address.
Figure 13 shows a CMP environment.
Figure 13
Sample CMP environment
To initialize the VPN Router for initial certificate enrollment with CMP, you need
the following:
•
Issuer name—CA distinguished name
•
Subject name—EE distinguished name (common name, organization,
organizational unit)
•
Reference number—used to identify the secret value
•
Transaction ID or authorization code—initial secret value
•
Enrollment URL or destination (host name or IP address) and optional port
number
•
Imported root CA certificate
Nortel VPN Router Security — Servers, Authentication, and Certificates