Chapter 33 Configuring Certificates
Identity Certificates Authentication
–The check box Include serial number of the device allows you to add the security appliance serial number to the certificate parameters.
–The Advanced > Enrollment Mode allows you to select either manual enrollment (Request by manual enrollment) or enrollment by CA (Request from a CA), which requires the following information:
–Enrollment URL (SCEP): HTTP:// Enter the path and file name of the certificate to be automatically installed.
–Retry Period: Specify the maximum number of minutes to retry installing an Identity certificate.The default is one minute.
–Retry Count: Specify the number of retries for installing an Identity certificate. The default is 0, which indicates unlimited retries within the retry period.
•In the Add Identity Certificate pane, enter the following Certificate Subject DN information:
–Certificate Subject DN— Specify the certificate
–Attribute: (in Certificate Subject DN > Select window)— Select one or more DN attributes from the
Certificate Subject DN Attributes
CN = Common Name
OU = Department
O = Company Name
C = Country
ST = State/Province
L = Location
EA =
–Value: (in Certificate Subject DN > Select window)— Enter the value for each of the DN attributes that you select in the Attribute list. With a value assigned to an attribute, use the
Once you complete Identity Certificate configuration, click Add Certificate in the Add Identity Certificate pane. Then, be sure to click the Apply button in the Identity Certificates window to save the newly certificate configuration.
Show Identity Certificate Details
The Show Details button displays the Certificate Details dialog box, which shows the following information about the selected certificate:
•
| Cisco Security Appliance Command Line Configuration Guide |
|
