beautypg.com

Destroying the rsa key pair, Retrieving and displaying a certificate, Retrieving and – H3C Technologies H3C SecPath F1000-E User Manual

Page 297: Displaying a certificate, Retrieving and displaying a, Certificate

background image

285

Destroying the RSA key pair

1.

From the navigation tree, select VPN > Certificate Management > Certificate.

2.

Click Destroy Key.

3.

Click Apply to destroy the existing RSA key pair and the corresponding local certificate.

Figure 177 RSA key pair destruction page

Retrieving and displaying a certificate

You can download an existing CA certificate or local certificate from the CA server and save it locally.

To do so, you can use offline mode or online mode. In offline mode, you need to retrieve a certificate by

an out-of-band means like FTP, disk, email and then import it into the local PKI system.
To retrieve a certificate:

1.

From the navigation tree, select VPN > Certificate Management > Certificate.

2.

Click Retrieve Cert.

Figure 178 PKI certificate retrieval page

3.

Configure the parameters, as described in

Table 29

.

4.

Click Apply.

Table 29 Configuration items

Item Description

Domain Name

Select the PKI domain for the certificate.

Certificate Type

Select the type of the certificate to be retrieved, which can be CA or local.

Enable Offline
Mode

Select this box to retrieve a certificate in offline mode (that is, by an out-of-band means
like FTP, disk, or email) and then import the certificate into the local PKI system.