Nortel Networks NN46120-104 User Manual
Page 109
Create a New Certificate
the information displayed, decide which virtual SSL server to
configure for client authentication.
>> Main# cfg/cur ssl
2. Configure the chosen virtual SSL server to require client certificates.
The client must send its client certificate to the virtual SSL
server during the SSL handshake. If the client does not have
a certificate, the client will respond with a NoCertificateAlert
message. At that point, the session will be terminated.
>> SSL# server 1
>> Server 1# ssl
>> SSL Settings# verify
Current value: none
Certificate verification (none/optional/require): require
3. Specify which CA certificates to use for client authentication.
Specify which CA certificates you want the virtual SSL server
to use for authenticating client certificates. Only client
certificates issued by a certificate authority whose CA
certificate you specify are accepted. Note that the CA
certificates you specify by index number must be available on
the VPN Gateway itself.
To authenticate client certificates issued within your own
organization, the CA certificate used for generating the issued
client certificates must be specified as a CA certificate.
>> SSL Settings# cacerts
Current value: ""
Enter certificate numbers (separated by comma):
certificates by index number>
To view basic information about all certificates currently added to
the VPN Gateway, use the /info/certs command.
4. Apply your settings.
>> SSL Settings# apply
Changes applied successfully.
--End--
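A pre-deployment check for step 3, as an added example that is not part of the Nortel manual: it uses the OpenSSL command line on an administrator workstation to confirm which client certificates chain to the CA you plan to list in cacerts. The names corp-ca, other-ca, alice and mallory are constructed test data, and the script models issuer validation only, not the gateway's own processing.

```shell
#!/bin/sh
# Added example, not from the Nortel manual. All names, keys and
# certificates are constructed throwaway test data.

# make_ca DIR NAME: create a self-signed test CA (NAME.key, NAME.pem).
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# issue_client DIR CA NAME: issue client certificate NAME.pem signed by CA.
issue_client() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -days 1 -CA "$1/$2.pem" \
        -CAkey "$1/$2.key" -CAcreateserial -out "$1/$3.pem" 2>/dev/null
}

# chains_to CA_PEM CLIENT_PEM: succeed only if the client certificate
# validates against the CA certificate you intend to list in cacerts.
chains_to() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# demo: return 0 only if the corp-ca client validates and the other-ca
# client does not.
demo() {
    d=$(mktemp -d) || return 1
    rc=0
    if make_ca "$d" corp-ca && make_ca "$d" other-ca &&
       issue_client "$d" corp-ca alice &&
       issue_client "$d" other-ca mallory; then
        if chains_to "$d/corp-ca.pem" "$d/alice.pem"; then
            echo "alice (issued by corp-ca): would be accepted"
        else rc=1; fi
        if chains_to "$d/corp-ca.pem" "$d/mallory.pem"; then rc=1
        else echo "mallory (issued by other-ca): would be rejected"; fi
    else
        rc=1
    fi
    rm -rf "$d"
    return $rc
}

demo
```

To check real certificates, call chains_to with the exported CA certificate and a client certificate file in place of the generated ones.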
Nortel VPN Gateway User Guide, NN46120-104, 02.01 Standard, 14 April 2008
Copyright © 2007-2008 Nortel Networks.