Filter
Top Products
Configuration Guide Page 34 of 55
Issue Certificate via SCEP protocol to XSR
Issue Certificate via SCEP protocol to XSRIssue Certificate via SCEP protocol to XSR
Issue Certificate via SCEP protocol to XSR from
from from
from
Wi
WiWi
Win
nn
ndows
dowsdows
dows 2000
2000 2000
2000 CA
CA CA
CA:
::
:
1.
XSR-1805_1(config)#crypto ca identity Enterasys-Networks-CA
XSR-1805_1(ca-identity)#
enrollment url http://192.168.224.22/certsrv/mscep/mscep.dll
XSR-1805_1(ca-identity)#exit
2.
XSR-1805_1(config)#crypto ca authenticate Enterasys-Networks-CA
Certificate has the following attributes:
Fingerprint: 6AEBAF4C 51B85B4C 297F12F0 D3442FF6
Do you accept this certificate (y/n) ? y
3.
XSR-1805_1(config)#crypto ca enroll Enterasys-Networks-CA
%
% Start certificate enrollment
Create a challenge password. You will need to verbally
provide this password to the CA Administrator in order to
revoke your certificate. For security reasons your password
will not be saved in the configuration.
Please make a note of it.
Password:****************
Re-enter password:****************
Include the router serial number in the subject name (y/n) ? y
The serial number in the certificate will be: 361902300157320D
Request certificate from CA (y/n) ? y
You may experience a short delay while RSA keys are generated.
Once key generation is complete, the certificate request
will be sent to the Certificate Authority.
Use 'show crypto ca certificate' to show the fingerprint.
XSR-1805_1(config)#
<186> 192.168.224.132 PKI: A certificate was successfully received from the CA.
XSR-1805_1(config)#
4.
XSR-1805_1(config)#crypto ca crl request Enterasys-Networks-CA
<186>Jul 30 11:33:28 192.168.200.1 PKI: A crl has been requested for En-
terasys-Networks-CA, this may take a while, a message will be displayed
when the crl has been
<191>Jul 30 11:33:28 192.168.200.1 VPN: [PKI] The certificate is VALID
XSR-1805_1(config)#