10: Security Settings
Certificate and Key Generation
The PremierWave XN can generate self signed certificates and their corresponding keys. This can be done for both the rsa and dsa certificate formats. Certificates can be identified on the PremierWave XN by a name provided at generation time.
Table 10-5 Certificate and Key Generation Settings
Certificate Generation | Description |
Settings |
|
Country (2 Letter Code) | Enter the |
| certificate. |
| Examples: US for United States and CA for Canada |
|
|
State/Province | Enter the state or province to be assigned to the new |
|
|
Locality (City) | Enter the city or locality to be assigned to the new |
|
|
Organization | Enter the organization to be associated with the new |
|
|
Organization Unit | Enter the organizational unit to be associated with the new |
| certificate. |
|
|
Common Name | Enter the common name to be associated with the new self signed |
| certificate. Note that this is a required field. |
|
|
Expires | Enter the expiration date, in mm/dd/yyyy format, for the new |
| certificate. |
| Example: An expiration date of May 9, 2012 is entered as 05/09/2012. |
|
|
Key length | Select the bit size of the new |
| 512 bits |
| 768 bits |
| 1024 bits |
| 2048 bits |
| The larger the bit size, the longer it takes to generate the key. |
|
|
Type | Select the type of key: |
| RSA = |
| numbers, invented by Rivest Shamir and Adleman. Used for encryption |
| and signing. |
| DSA = Digital Signature Algorithm also based on large prime numbers, |
| but can only be used for signing. Developed by the US government to |
| avoid the patents on RSA. |
|
|
To Create a New Credential
Using Web Manager
To create a new credential, gclick SSL in the menu and select Credentials.
Using the CLI
To enter the SSL command level: enable
To enter the Credentials command level: enable
PremierWave XN User Guide | 70 |