Multitech RFIPSC-10, RFIPSC-50 quick start Identity Information, Inquiring Certificate Identity

Page 16

PN 82013151

Identity Information

5.SSH Sentinel uses certificates and digital signatures as its primary authentication method. SSH Sentinel processes certificates according to the IETF Public-Key Infrastructure X.509v3 standards, allowing you to take advantage of the public-key infrastructure (PKI). SSH Sentinel supports certificate revocation lists (CRLs) and authority revocation lists (ARLs, that is, CRLs for CAs) and is very configurable. However, you can run the software as stand-alone, separately from any public-key infrastructure.

The setup requires host identity information that is to be associated with the authentication key pair and its certificate. A commonly preferred identity is the host DNS name, also referred to as the Fully Qualified Domain Name (FQDN). The DNS name should be used as the identity whenever the host has a static DNS name and whenever it is safe to assume that name service will be available. If the host does not have a static DNS name, its static IP address may be used as the host identity.

If neither static DNS name nor IP address is available, you may use an email address as the identity. However, using an email address as the identity makes it difficult for remote hosts to bind IPSec rules for the host, since rules are normally bound to a host name or an IP address.

Figure 7. Inquiring Certificate Identity.

16

Page 15 Page 17
Image 16
Page 15 Page 17
Contents Quick Start Guide Page Trademarks Page Contents Figures Introduction Product DescriptionInternet Protocol IP Internet Protocol Security IPSecShip Kit Contents About this Manual and Related ManualsPage Pre-Installation Requirements IntroductionStarting the SSH Sentinel Installation Licensing Agreement Authentication Key Generation Generating the Authentication Key Identity Information Choose the Enrollment Method Sentinel usesOnline Enrollment Information Enrollment Protocol aCA Server Address B CA Certificate CAdvanced button D Reference Number E Key IdentifierKey F Off-line Certification RequestEncryption Speed Diagnostics Completing the Installation SSH IPSec Client Setup Host to Net SetupRouteFinder Configuration Define and enable the following Packet Filter rulesSentinel Configuration Click Add to create a new Authentication Key Enter the Preshared Key Information and click OK Select VPN Connection and click OK Screen is displayed Rfipsc Quick Start Guide Click on the Advanced tab Click Details Verify the connection details information and click Close Rfipsc Quick Start Guide Page SSH Sentinel Installation Notes SSH Sentinel v1.2.0.15 Release NotesUpdating SSH Sentinel Removing SSH SentinelLimited Warranty On-line Warranty RegistrationRecording RouteFinder Information Contacting Tech Support via E-mailService Multi-Tech on the Internet Ordering AccessoriesSupplyNet On-line Ordering Instructions Appendix a RFIPSC-5/10/50 Client Software CD Page Rfipsc Quick Start Guide Page Appendix B Multi-User Software License Agreement Licensee also agrees to the following Multi-User Limited Warranty and License Agreement Page Register Your Software Page Register Your Software Page Rfipsc Quick Start Guide 82013151 B
Top Page Image Contents