H3C Technologies H3C SecPath F1000-E User Manual
Page 302
290
Figure 185 Adding a PKI entity
2.
Create a PKI domain:
a.
From the navigation tree, select VPN > Certificate Management > Domain.
b.
Click Add.
c.
In the upper area of the page, enter torsa as the PKI domain name, enter CA server as the CA
identifier, select aaa as the local entity, select RA as the authority for certificate request, enter
http://4.4.4.1:8080/certsrv/mscep/mscep.dll as the URL for certificate request (the URL must
be in the format of http://host:port/certsrv/mscep/mscep.dll, where host and port are the
host address and port number of the CA server), and select Manual as the certificate request
mode.
d.
Click Apply.
The system displays "Fingerprint of the root certificate not specified. No root certificate
validation will occur. Continue?"
e.
Click OK to confirm.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS