beautypg.com

Global site certificates, Overview – HP e-Commerce Server Accelerator sa7120 User Manual

Page 33

background image

C H A P T E R 3

Keys and Certificates

23

Enter the information for the certificate, as prompted:

Country

State

Locality

Organization

Organization unit

Common name (for example, www.myserver.com)

E-mail address

3. Create a server mapping. Use the create map command to

specify the server IP address, ports, and keyID.

HP SA7120> create map

Server IP (0.0.0.0): 10.1.1.30

SSL (network) port [443]:

Cleartext (server) port [80]:

KeyID to use for mapping: mywebserver

4. Save the configuration when the server has been mapped.

HP SA7120> config save

Saving configuration to flash...

Configuration saved to flash

HP SA7120>

Global Site
Certificates

Overview

NOTE: The SA7100/
SA7120 supports only one
root CA certificate per
mapping. However,
multiple intermediate CA
certificates per single
mapping are supported.

Four types of certificates are involved in the following discussion:

Root Certificate. The certificate of a trusted CA such as
VeriSign.*

Server Certificate. Loaded on the server. Can be either self-
generated or received from a CA such as VeriSign*. Interacts
with requesting browser’s root certificate to establish encryption
level.

Global Site Certificate. An extended server certificate. Allows
128-bit encryption for export-restricted browsers.

Intermediate certificate authority (CA) Certificate. A certificate
“signed,” that is, authenticated, by a recognized CA such as
VeriSign*, and used to validate a global site certificate. Called an
“intermediate CA certificate” in the following discussion.

This manual is related to the following products:
See also other documents in the category HP Computer hardware: