HP X Unified Security Platform Certificate Requests

Chapter 9 Authentication

Configure CRL Parameters for a CA Certificate

Certificate Requests

Certificate Requests provide X family administrators with a form and encoding method to generate a signed Local Certificate from the CA server.

After generating the Certificate Request, the administrator has to export the request, and then provide it to the CA server. The CA server signs the request to generate a Local Certificate and returns the signed certificate to the administrator who then imports it back into the X family device. A successful import of the Local Certificate removes the corresponding Certificate Request as the request has now been satisfied. After importing a Local Certificate, you can view and manage it from the Local Certificates page.

The device uses PKCS#10 format for Certificate Requests. When a request is created, a Distinguished Name (DN) and a public/private key pair is generated, and the public key is included in the PKCS#10 format.

You can manage Certificate Requests from the LSM. From the Certificates Request page, you can:

•View Certificate Requests currently available.

•Create a Certificate Request.

•Export the request so it can be submitted to the Certificate Authority.

•Import a signed Certificate Request that has been returned by the Certificate Authority so it is available for use on the system.

260 X Family LSM User’s Guide V 2.5.1