34Postinstallation

Whether you select a commercial Certificate Authority (CA) or build your own CA Server, you must provide the following information to enroll:

first and last name of the certificate administrator

e-mail address of the certificate administrator

any other information requested by the CA

ATTENTION

Nortel strongly recommends that you create an e-mail alias for the certificate administrator. The CA sends renewal notifications and other important information to this e-mail address. If the administrative responsibilities are shared, any administrator can access the notifications.

For additional information about commercial Certificate Authorities, go to any one of the following company Web sites:

VeriSign

Entrust

CACert

RapidSSL

For additional information about building your own CA server with Microsoft Exchange Server 2007, go to the Microsoft Web site at http://www.microsoft.com. Search on the key words build a certificate authority.

Certificate Signing Request generation

A Certificate Signing Request (CSR) is the unique fingerprint of the server and includes your private and public key pair. You need a CSR to enroll for a TLS certificate.

Procedure 5 “Generating a CSR” (page 35) describes the steps to generate a CSR by using Java keytool and sample directories. In this procedure, you use Java keytool, which is the recommended method. You can use another tool to generate a CSR if your environment requires that you do so.

For more information about Java keytool, go to http://java.sun.com/ and search on the keyword keytool.

Nortel Mobile Communication 3100 Series Portfolio

Nortel Mobile Communication Gateway 3100 Installation and Upgrades

NN42030-300 02.03 Standard

9 May 2008

Copyright © 2007, 2008 Nortel Networks

Page 34
Image 34
Nortel Networks NN42030-300 manual Certificate Signing Request generation