Cisco Systems VPN 3002 Enrolling and Installing Identity Certificates

Models: VPN 3002


Chapter 12 Administration

Certificate Management

Enrolling and Installing Identity Certificates

When you generate a request for an identity certificate, you need to provide the following information.

Tip: Check to be sure that you have this information before you begin.

Table 12-1 Fields in a Certificate Request

| Field Name | Abbreviation | Manual | SCEP | Recommended Content |
|---|---|---|---|---|
| Common Name | CN | Yes | Yes | The primary identity of the entity associated with the certificate, for example, Engineering VPN. Spaces are allowed. You must enter a name in this field. If you are requesting an SSL certificate, enter the IP address or domain name you use to connect to this VPN 3002, for example: 10.10.147.2. |
| Organizational Unit | OU | Yes | Yes | The name of the department or other organizational unit to which this VPN 3002 belongs, for example: CPU Design. Spaces are allowed. |
| Organization | O | Yes | Yes | The name of the company or organization to which this VPN 3002 belongs, for example: Cisco Systems. Spaces are allowed. |
| Locality | L | Yes | Yes | The city or town where this VPN 3002 is located, for example: San Jose. Spaces are allowed. |
| State/Province | SP | Yes | Yes | The state or province where this VPN 3002 is located, for example: California. Spell the name out completely; do not abbreviate. Spaces are allowed. |
| Country | C | Yes | Yes | The country where this VPN 3002 is located, for example: US. Use two characters, no spaces, and no periods. This two-character code must conform to ISO 3166 country codes. |
| Subject Alternative Name (Fully Qualified Domain Name) | FQDN | Yes | Yes | The fully qualified domain name that identifies this VPN 3002 in this PKI, for example: vpn3030.cisco.com. This field is optional. The alternative name is an additional data field in the certificate that provides interoperability with many Cisco IOS and PIX systems in LAN-to-LAN connections. |
| Subject Alternative Name (E-mail Address) | E-mail | Yes | Yes | The e-mail address of the VPN 3002 user. |
| Challenge Password | - | No | Yes | This field appears if you are requesting a certificate using SCEP. Use this field according to the policy of your CA: Your CA might have given you a password. If so, enter it here for authentication. Your CA might allow you to provide your own password to use to identify yourself to the CA in the future. If so, create your password here. Your CA might not require a password. If so, leave this field blank. |
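The rules in Table 12-1 can be checked against the planned values before the request is generated. The following is an added example, not code from the Cisco manual or the VPN 3002 itself; the function names, the syntax checks for host names and e-mail addresses, and the abbreviation heuristic for State/Province are assumptions.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens, no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

# Sample values taken from the examples in Table 12-1.
SAMPLE = {"CN": "Engineering VPN", "OU": "CPU Design", "O": "Cisco Systems",
          "L": "San Jose", "SP": "California", "C": "US",
          "FQDN": "vpn3030.cisco.com"}


def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def is_hostname(value):
    labels = value.split(".")
    return len(labels) >= 2 and all(_LABEL.fullmatch(x) for x in labels)


def check_request(fields, method="manual", ssl=False):
    """List problems in planned request values, keyed by Table 12-1 abbreviations."""
    problems = []
    cn = fields.get("CN", "").strip()
    if not cn:
        problems.append("CN: a name is required")
    elif ssl and not (is_ip(cn) or is_hostname(cn)):
        problems.append("CN: SSL needs the IP address or domain name used to connect")
    country = fields.get("C", "")
    # Format only; membership in ISO 3166 still has to be checked by hand.
    if country and not re.fullmatch(r"[A-Za-z]{2}", country):
        problems.append("C: use two characters, no spaces, no periods")
    state = fields.get("SP", "")
    # Heuristic (assumption): 1-3 letters, or any period, means an abbreviation.
    if state and ("." in state or re.fullmatch(r"[A-Za-z]{1,3}", state)):
        problems.append("SP: spell the name out completely")
    fqdn = fields.get("FQDN", "")
    if fqdn and (is_ip(fqdn) or not is_hostname(fqdn)):
        problems.append("FQDN: not a fully qualified domain name")
    email = fields.get("E-mail", "")
    if email and not re.fullmatch(r"[^@\s]+@[^@\s]+", email):
        problems.append("E-mail: not an e-mail address")
    if method == "manual" and fields.get("Challenge Password"):
        problems.append("Challenge Password: this field is for SCEP requests only")
    return problems
```

With `ssl=True`, the Common Name "Engineering VPN" from the table is reported, because an SSL certificate needs the address or name used to reach the device, such as 10.10.147.2.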

 

 

 

 

 

 

 

 

 

 

 

 

 

VPN 3002 Hardware Client Reference, OL-1893-01, page 12-20
