H3C Technologies H3C SecPath F1000-E User Manual
Page 397
385
c.
Enter the PKI entity name en.
d.
Enter common name http-server for the entity.
e.
Click Apply.
# Configure a PKI domain named sslvpn.
a.
Select VPN > Certificate Management > Domain from the navigation tree.
b.
Click Add to add a PKI domain.
Figure 272 Configuring a PKI domain named sslvpn
c.
Enter the PKI domain name sslvpn.
d.
Enter the CA identifier CA server.
e.
Select en as the local entity.
f.
Select RA as the registration authority.
g.
Enter the certificate requesting URL http://10.2.1.1/certsrv/mscep/mscep.dll.
h.
Select Manual as the certificate request mode.
i.
Click Apply. When the system displays "Fingerprint of the root certificate not specified. No
root certificate validation will occur. Continue?" click OK to continue.
# Generate an RSA key pair.
a.
Select VPN > Certificate Management > Certificate from the navigation tree.
b.
Click Create Key to add a PKI domain.
Figure 273 Generating an RSA key pair
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS