No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Security

S1720, S2700, S5700, and S6720 V200R011C10

This document describes the configurations of Security, including ACL, local attack defense, MFF, attack defense, traffic suppression and storm control, ARP security, Port security, DHCP snooping, ND snooping, PPPoE+, IPSG, SAVI, URPF, keychain, MPAC, separating the management plane from the service plane, security risks, PKI.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring a PKI Entity

Configuring a PKI Entity

Context

Local certificates are signed and issued by the CA. A local certificate is a bundle of public key and PKI entity. PKI entity information contains the identity information of the entity. The CA identifies a certificate applicant based on identity information provided by the entity. Therefore, the PKI entity must send the certificate enrollment request carrying PKI entity information to the CA when applying for a local certificate.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run pki entity entity-name

    A PKI entity is created and the PKI entity view is displayed; or the PKI entity view is displayed directly.

    By default, no PKI entity is configured.

    NOTE:

    Windows Server 2003 has a low processing performance. When the device is connected to a Windows Server 2003, the device cannot have too many entities configure or use the key pair with a large size. Otherwise, the device may fail to connect to the server.

  3. Run common-name common-name

    A common name is configured for the PKI entity.

    By default, no common name is configured for a PKI entity.

    To uniquely identify an applicant, you can run the following optional commands to configure the alias name for the PKI entity. If you do not configure alias names for the PKI entities that have the same common name, each of them will fail to apply for a certificate.

  4. (Optional) Run ip-address { ipv4-address | interface-type interface-number }

    An IP address is configured for the PKI entity.

    By default, no IP address is configured for a PKI entity.

  5. (Optional) Run fqdn fqdn-name

    A fully qualified domain name (FQDN) is configured for the PKI entity.

    By default, no FQDN name is configured for a PKI entity.

  6. (Optional) Run email email-address

    An email address is configured for the PKI entity.

    By default, no email address is configured for a PKI entity.

  7. (Optional) Run country country-code

    A country code is configured for the PKI entity.

    By default, no country code is configured for a PKI entity.

  8. (Optional) Run locality locality-name

    A geographic area is configured for the PKI entity.

    By default, no geographic area is configured for a PKI entity.

  9. (Optional) Run state state-name

    A state name or province name is configured for the PKI entity.

    By default, no state name or province name is configured for a PKI entity.

  10. (Optional) Run organization organization-name

    An organization name is configured for the PKI entity.

    By default, no organization name is configured for a PKI entity.

  11. (Optional) Run organization-unit organization-unit-name

    A department name is configured for the PKI entity.

    By default, no department name is configured for a PKI entity.

Translation
Download
Updated: 2019-03-28

Document ID: EDOC1000178177

Views: 219541

Downloads: 712

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next