Chapter 9 Authentication
Table
Column | Description |
|
|
|
|
Functions | For each CA Certificate listed in the table, you can: |
| • Delete the certificate. |
| • Export the certificate to a file. |
| • Edit the CA Certificate to view the certificate details, specify a Certificate |
| Revocation List (CRL), and configure parameters to automatically update the |
| CRL. |
|
|
CRL Expiry | The expiration date of the Certificate Revocation List (CRL) associated with the CA |
| Certificate. This is set to No CRL loaded if the user has not configured a CRL for the CA |
|
|
Status | The status of the certificate, either: |
| • Valid if the certificate may be used. |
| • Revoked if the certificate has been revoked by a CRL. |
|
|
For additional information, see the following topics:
•“X.509 Certificates” on page 255
•“Import a CA Certificate” on page 258
•“Configure CRL Parameters for a CA Certificate” on page 260
Import a CA Certificate
STEP 1
STEP 2
STEP 3
STEP 4
From the LSM menu, select Authentication > X.509 Certificates.
On the CA Certificate page in the Import CA Certificate table, type a unique Certificate Name (for the name, use only characters:
This is the local name that the X family device used to identify the CA Certificate in the LSM.
Type the path and file for the CA Certificate File, or click Browse and navigate to the file.
The CA Certificate file must use the .DER format (PKCS#7).
Click Import to upload the CA Certificate onto the X family.
After you import the CA Certificate, you can view and manage it from the Current CA Certificates table. To configure a CRL for the certificate, use the Edit function.
Certificate Revocation List (CRL) for a CA Certificate
The Certificate Revocation List (CRL) is a list of CA Certificates which have been revoked by a Certificate Authority before their expiration dates. The list includes the reasons for revocation and a proposed date for the next release. Certificates may be revoked because the private part of public/ private key pair has been compromised, invalidating the public key, or if the user details for the certificate have changed.
258 X Family LSM User’s Guide V 2.5.1