HP Creating a PKI entity

Step

Remarks

Optional.

6.

Destroying the RSA key pair

Destroy the existing RSA key pair and the corresponding local certificate.

If the certificate to be retrieved contains an RSA key pair, you must destroy

the existing key pair. Otherwise, the retrieving operation will fail.

7.

Retrieving and displaying a

Optional.

certificate

Retrieve an existing certificate.

8.

Retrieving and displaying a

Optional.

CRL

Retrieve a CRL and display its contents.

Task

Remarks

Required.

Create a PKI entity and configure the identity information.

A certificate is the binding of a public key and the identity information of an

1.

Creating a PKI entity

entity, where the DN shows the identity information of the entity. A CA

identifies a certificate applicant uniquely by an entity DN.

The DN settings of an entity must be compliant to the CA certificate issue

policy. Otherwise, the certificate request might be rejected. You must know

the policy to determine which entity parameters are mandatory or optional.

Required.

Create a PKI domain, setting the certificate request mode to Auto.

2.

Creating a PKI domain

Before requesting a PKI certificate, an entity needs to be configured with

some enrollment information, which is called a PKI domain.

A PKI domain is intended only for convenience of reference by other

applications like IKE and SSL, and has only local significance.

Optional.

3.

Destroying the RSA key pair

Destroy the existing RSA key pair and the corresponding local certificate.

If the certificate to be retrieved contains an RSA key pair, you must destroy

the existing key pair. Otherwise, the retrieving operation will fail.

4. Retrieving and displaying a

Optional.

certificate

Retrieve an existing certificate.

5. Retrieving and displaying a

Optional.

CRL

Retrieve a CRL and display its contents.