|
| ||
| Table 40 My Certificate Create (continued) | ||
|
|
|
|
| LABEL | DESCRIPTION |
|
|
|
|
|
| Organizational Unit | Type up to 127 characters to identify the organizational unit or department to |
|
|
| which the certificate owner belongs. You may use any character, including |
|
|
| spaces, but the ZyAIR drops trailing spaces. |
|
| Organization | Type up to 127 characters to identify the company or group to which the |
|
|
| certificate owner belongs. You may use any character, including spaces, but |
|
|
| the ZyAIR drops trailing spaces. |
|
| Country | Type up to 127 characters to identify the nation where the certificate owner is |
|
|
| located. You may use any character, including spaces, but the ZyAIR drops |
|
|
| trailing spaces. |
|
| Key Length | Select a number from the |
|
|
| key should use (512 to 2048). The longer the key, the more secure it is. A |
|
|
| longer key also uses more PKI storage space. |
|
| Enrollment Options | These radio buttons deal with how and when the certificate is to be generated. |
|
|
|
|
|
| Create a | Select Create a |
|
| certificate | certificate and act as the Certification Authority (CA) itself. This way you do not |
|
|
| need to apply to a certification authority for certificates. |
|
| Create a certification | Select Create a certification request and save it locally for later manual |
|
| request and save it | enrollment to have the ZyAIR generate and store a request for a certificate. |
|
| locally for later manual | Use the My Certificate Details screen to view the certification request and |
|
| enrollment | copy it to send to the certification authority. |
|
|
| Copy the certification request from the My Certificate Details screen (see the |
|
|
| My Certificate Details section) and then send it to the certification authority. |
|
| Create a certification | Select Create a certification request and enroll for a certificate |
|
| request and enroll for | immediately online to have the ZyAIR generate a request for a certificate and |
|
| a certificate | apply to a certification authority for a certificate. |
|
| immediately online | You must have the certification authority’s certificate already imported in the |
|
|
| Trusted CAs screen. |
|
|
| When you select this option, you must select the certification authority’s |
|
|
| enrollment protocol and the certification authority’s certificate from the drop- |
|
|
| down list boxes and enter the certification authority’s server address. You also |
|
|
| need to fill in the Reference Number and Key if the certification authority |
|
|
| requires them. |
|
| Enrollment Protocol | Select the certification authority’s enrollment protocol from the |
|
|
| box. |
|
|
| Simple Certificate Enrollment Protocol (SCEP) is a |
|
|
| protocol that was developed by VeriSign and Cisco. |
|
|
| Certificate Management Protocol (CMP) is a |
|
|
| that was developed by the Public Key Infrastructure X.509 working group of |
|
|
| the Internet Engineering Task Force (IETF) and is specified in RFC 2510. |
|
| CA Server Address | Enter the IP address (or URL) of the certification authority server. |
|
|
|
|
|
| CA Certificate | Select the certification authority’s certificate from the CA Certificate drop- |
|
|
| down list box. |
|
|
| You must have the certification authority’s certificate already imported in the |
|
|
| Trusted CAs screen. Click Trusted CAs to go to the Trusted CAs screen |
|
|
| where you can view (and manage) the ZyAIR's list of certificates of trusted |
|
|
| certification authorities. |
|
| Request | When you select Create a certification request and enroll for a certificate |
|
| Authentication | immediately online, the certification authority may want you to include a |
|
|
| reference number and key to identify you when you send a certification |
|
|
| request. Fill in both the Reference Number and the Key fields if your |
|
|
| certification authority uses CMP enrollment protocol. Just fill in the Key field if |
|
|
| your certification authority uses the SECP enrollment protocol. |
|
Chapter 11 Certificates | 135 |