Chapter 9 Authentication
Managing Certificate Requests
You can perform the following managment functions from the Certificate Request page:
Table
Function | Icon/Field | Description |
|
|
|
|
|
|
Import | Import | When you receive a signed certificate from the Certificate Authority, you can |
Signed Local | Signed | import the certificate so that it is available on the X family device. When you |
Certificate | Request | import a signed certificate from the Certificate Requests page, the certificate |
| table | request generated to obtain the signed certificate is automatically deleted. |
|
|
|
Create a | Create | Access the Create a Certificate Request page to specify the parameters and |
Certificate | Certificate | Distinguished Name attributes for the request, and generate the Certificate |
Request | Request | Request in PKCS#10 format. |
| button |
|
|
|
|
Export |
| A Certificate Request must be exported to a file before it can be submitted to |
|
| the CA (either by a |
|
| Certificate Requests are exported in PKCS#10 format, which includes the |
|
| Distinguished Name (DN) and the Public Key. A request is signed by the |
|
| Private Key of the requester so that the CA can verify authenticity. |
|
|
|
Delete |
| If a Certificate Request is no longer needed, use the Delete function to remove |
|
| it from the X family device. |
|
| The device automatically deletes Certificate Requests when you import the |
|
| signed local certificate received from the Certificate Authority. |
|
|
|
For details, see the following sections:
•“Create a Certificate Request” on page 262
•“Import a signed Local Certificate” on page 263
•“X.509 Certificates” on page 255
Create a Certificate Request
STEP 1
STEP 2
STEP 3
STEP 4
STEP 5
From the LSM menu, select Authentication > X.509 Certificates. On the CA Certificate page, click the Certificate Requests tab.
On the Certificate Requests page, click Create Certificate.
On the Create Certificate Request page, type a name for the Certificate Request in the Name field.
This is the name used by the Local Certificate when you later import the signed Local Certificate.
Select the length for the private key from the Length
In the Distinguished Name table, define the Distinguished Name attributes for the Certificate Request:
262 X Family LSM User’s Guide V 2.5.1