C H A P T E R 3 Intel® NetStructure™ 7110/7115 e-Commerce Accelerator User Guide

Creating a new Key/Certificate on the 7110/7115

Use the create key and create cert commands to create new keys and certificates for 7110/7115 operation. This procedure can be used when there are no existing keys and certificates on the server. The advantage is that this method is very fast, but a certificate authority has not signed the certificates.

The fields input to create a certificate are called a Distinguished Name (DN). For optimal security, one or more fields must be modified to make the DN unique.

Procedure

1.Create a key as follows:

Intel 7115> create key

Enter the key strength [512,1024]: 512

New keyID [001]: mywebserver

Keypair was created for keyID: mywebserver

2.Enter the create cert command with the keyID

Intel 7115> create cert mywebserver

You are about to be asked to enter information

Enter the information for the certificate, as prompted:

Country

State

Locality

Organization

Organization unit

Common name (for example, www.myserver.com)

E-mail address.

3.Create a server mapping. Use the create map command to specify the server IP address, ports, and keyID.

Intel 7115> create map

Server IP (0.0.0.0): 10.1.1.30

SSL (network) port [443]: <Enter>

Cleartext (server) port [80]: <Enter>

KeyID to use for mapping: mywebserver

3-14

Page 36
Image 36
Intel A31032-001 manual Creating a new Key/Certificate on the 7110/7115, Create a key as follows