Cisco Systems OL-16647-01 manual Local Certificate Authority, Show Code-Signer Certificate Details

Page 12

Chapter 33 Configuring Certificates

Local Certificate Authority

Delete an existing Identity Certificate. See Delete a Code-Signer Certificate. Export an existing Identity Certificate. See Import or Export a Code-Signer Certificate.

Show Code-Signer Certificate Details

The Show Details button displays the Code Signer Details dialog box, which shows the following information about the selected certificate:

General—Displays the values for type, serial number, status, usage, public key type, CRL distribution point, the times within which the certificate is valid, and associated certificates. This applies to both available and pending status.

Issued to— Displays the X.500 fields of the subject DN or certificate owner and their values. This applies only to available status.

Issued by—Displays the X.500 fields of the entity granting the certificate. This applies only to available status.

Delete a Code-Signer Certificate

The Delete button immediately removes the selected Code Signer certificate configuration from the security appliance. Once you delete a configuration, it cannot be restored; to recreate the configuration, you must use the Import button to reenter the configuration information from the beginning

Note Once you delete a Code Signer configuration, it cannot be restored.

Import or Export a Code-Signer Certificate

Assign values to the fields in the Import Certificate window as follows:

Decryption Passphrase: Specify the passphrase used to decrypt the PKCS12 file

Files to Import From: You can type the pathname of the file in the box or you can click Browse and search for the file. Browse displays the Import Certificate dialog box, which lets you navigate to the file containing the certificate.

Assign values to the fields in the Export Certificate window as follows:

Export to file—Specify the name of the PKCS12-format file to use in exporting the certificate configuration;

Certificate Format: Click PKCS12 format, the public key cryptography standard, which can be base64 encoded or hexadecimal, or click PEM format.

Browse—Display the Select a File dialog box that lets you navigate to the file to which you want to export the certificate configuration.

Decryption Passphrase—Specify the passphrase used to decrypt the PKCS12 file for export.

Confirm Passphrase—Verify the decryption passphrase.

Export Certificate—Exports the configuration.

Local Certificate Authority

The Local Certificate Authority (CA) provides a secure configurable inhouse authority that resides the security appliance for certificate authentication.

 

Cisco Security Appliance Command Line Configuration Guide

33-12

OL-16647-01

Page 11 Page 13
Image 12
Page 11 Page 13
Contents CA Certificate Authentication A P T E RCA Certificates Fields 33-1Firewall Mode Security Context Multiple Routed ModesSingle Context System 33-2Edit CA Certificate Configuration Show CA Certificate DetailsRequest CRL Delete a CA CertificateConfiguration Options for CA Certificates Revocation Check ConfigurationCRL Retrieval Policy Configuration 33-4Advanced Configuration Options 33-5Identity Certificates Authentication 33-6Add/Install an Identity Certificate Add Identity Certificate Fields33-7 Show Identity Certificate Details Certificate Subject DN Attributes33-8 Delete an Identity Certificate Export an Identity CertificateExport Identity Certificate Fields 33-9Installing Identity Certificates Generate Certificate Signing RequestGenerate Certificate Signing Request Fields 33-10To install an Identity Certificate Code-Signer CertificatesTo Add the Identity Certificate 33-11Local Certificate Authority Show Code-Signer Certificate DetailsDelete a Code-Signer Certificate Import or Export a Code-Signer CertificateDefault Local CA Server Configurable ParametersDefaults 33-13Configuring the Local CA Sever 33-14More Local CA Configuration Options 33-1533-16 Deleting the Local CA Server 33-17Manage User Certificates Manage User DatabaseRevoking a Local CA Certificate Unrevoking a Local CA CertificateEdit a Local CA User Delete a Local CA UserAllow Enrollment Email OTP33-20
Top Page Image Contents