Prerequisite for using ssl, Authentication – HP 4100GL User Manual

Configuring Secure Socket Layer (SSL)
Prerequisite for Using SSL

■

CA-Signed Certificate:

A certificate verified by a third party certif

-

icate authority (CA). Authenticity of CA-Signed certificates can be
verified by an audit trail leading to a trusted root certificate.

■

Root Certificate:

A trusted certificate used by certificate authori

-

ties to sign certificates (CA-Signed Certificates) and used later on to
verify that authenticity of those signed certificates. Trusted certifi

-

cates are distributed as an integral part of most popular web clients.
(see browser documentation for which root certificates are pre

-

installed).

■

Manager Level:

Manager privileges on the switch.

■

Operator Level:

Operator privileges on the switch.

■

Local password or username:

A Manager-level or Operator-level

password configured in the switch.

■

SSL Enabled:

(1)A certificate key pair has been generated on the

switch (web interface or CLI command: crypto key generate cert
[key size]

(2) A certificate been generated on the switch (web

interface or CLI command: crypto host-cert generate self-signed
[arg-list]

) and (3) SSL is enabled (web interface or CLI command:

web-management ssl

). (You can generate a certificate without

enabling SSL, but you cannot enable SSL without first generating a
Certificate.

Prerequisite for Using SSL

Before using the switch as an SSL server, you must install a publicly or
commercially available SSL enabled web browser application on the com

-

puter(s) you use for management access to the switch.

Steps for Configuring and Using SSL for
Switch and Client Authentication

The general steps for configuring ssl include:

A. Client Preparation

5-4