Allied Telesis AT-S63 User Manual

Page 400

background image

Chapter 34: PKI Certificates and SSL

400

Section IX: Management Security

network equipment. With private CAs, companies can keep track of the
certificates and control access to various network devices.

If your company is large enough, it might have a private CA and you might
want the group to issue the certificate for the AT-9400 Switch so that you
are in compliance with company policy.

The first step to creating a CA certificate is to create a key pair. After that
you must generate a digital document called an enrollment request and
send the document to the CA. The document contains the public key and
other information that the CA will use to create the certificate.

Before sending an enrollment request to a CA, it is best to first contact the
CA to determine what other documents or procedures might be required in
order for the CA to create the certificate. This is particularly important with
public CAs, which typically have strict guidelines on issuing certificates.