Versions Compared

Old Version 2

changes.mady.by.user Ribbon Communications

Saved on

compared with

New Version Current

changes.mady.by.user Ribbon Communications

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: rebranding
Noprint
Panel
borderColorgreen
bgColortransparent
borderWidth2

Back to Table of Contents

Back to Configuration

Back to Configuration - Security Configuration

Back to Security Configuration - PKI

Panel

In this section:

Table of Contents
maxLevel2

...

Caption
0Figure
1Security Configuration - PKI - Certificate
 

Image Modified

To Edit Certificate

To edit any of the Certificate in the list, click the radio button next to the specific Certificate name.

Caption
0Figure
1Security Configuration - PKI - Certificate Highlighted
 

Image Modified

The Edit Selected Certificate window is displayed below.

Caption
0Figure
1Security Configuration - PKI - Certificate Edit Window
 

Image Modified

Make the required changes and click Save at the right hand bottom of the panel to save the changes made.

...

Caption
0Figure
1Security Configuration - Ipsec Protection Profile Fields
 

Image Modified

The Create New Certificate window is displayed.

Caption
0Figure
1Security Configuration - PKI - Certificate Create Window
 

Image Modified

The following fields are displayed:

Caption
0Table
1Pki - Certificate Parameters
 

Parameter

Description

Name

Specifies the name of the certificate.

State

Enable this flag to enable the use of the certificate once it has been installed. The options are:

  • disabled (default)
  • enabled

File Name

<filename>.pem Enter the PEM filename and set state to "enabled" to install the certificate.

Pass Phrase Specifies the Pass-phrase to decrypt RSA private key in PKCS12 file.
Type

Use this object to specify the type of certificate:

  • local – Certificate belongs to (has as its subject) the local system itself; the key pair and CSR were generated elsewhere
  • local-internal – Certificate belongs to (has as its subject) the local system itself; the key pair and CSR were generated on this machine.
  • remote Certificate belongs to (has as its subject) a remote entity such as a CA or a peer device.

To Copy Certificate

To copy any of the created Certificate and to make any minor changes, click the radio button next to the specific Certificate to highlight the row.

Caption
0Figure
1Security Configuration - PKI - Certificate Highlighted
 

Image Modified

Click Copy Certificate tab on the Certificate List panel.

Caption
0Figure
1Security Configuration - PKI - Certificate Fields
 

Image Modified

The Copy Selected Certificate window is displayed along with the field details which can be edited.

Caption
0Figure
1Security Configuration - PKI - Certificate Copy Window
 

Image Modified

Make the required changes to the required fields and click Save to save the changes. The copied Certificate is displayed at the bottom of the original Certificate in the Certificate List panel.

...

Caption
0Figure
1Security Configuration - PKI - Certificate Highlighted
 

Image Modified

Click Delete at the end of the highlighted row. A delete confirmation message appears seeking your decision.

Caption
0Figure
1Security Configuration - PKI - Certificate Delete Confirmation
 

Image Modified

Click OK Yes to remove the specific Certificate from the list.

...

Caption
0Figure
1Security Configuration - PKI - Certificate Commands
 

Image Modified

The Generate CSR keyword is added to generate the CSR and display it on the screen. The Import Cert keyword is added to import signed certificate. To view the complete content of the certificate, use Retrieve Cert Content command.

...

Caption
0Figure
1Security Configuration - PKI - Certificate Commands - GenerateCSR
 

Image Modified

SAN Support

Note

SBC supports SAN Support from 4.0.2 release.

...

Caption
0Figure
1Security Configuration - PKI - Certificate Commands - GenerateCSR Certificate Signing Request
 

Image Modified

Click Ok to exit.

Import Cert Command

...

Caption
0Figure
1Security Configuration - PKI - Certificate Commands - ImportCert
 

Image Modified

Note

You can cut-and-paste the returned certificate content from Certificate Authority (CA) in the certContent field on the pop-up window and click importCert to complete the task.

...

Caption
0Table
1Certificate Parameters
 

Parameter

Description

csrSub

<csr subject name> The name of the CSR subject using the following format.

Note

At least one of the following keys must be specified in the csr subject name.

/C=<xx>/ST=<xx>/L=<string>/O=<string>/CN=<string>

Where:

  • C = 2-digit country abbreviation
  • ST = 2-digit state or province abbreviation
  • L = Locality name
  • O = Organization name
  • CN = Common Name

Example:

/C=US/ST=MA/L=Westford/O=

...

Example Inc./CN=www.

...

example.com

keySize 

The size in bits of the key pair to generate the private key.

  • keySize1k – 1024 bits

  • keySize2k (default) – 2048 bits

Subject Alternative Dns Name

Specifies the names of the alternative DNS subjects. Multiple alternative names can be specified using "," (comma) as a separator.

For example:

"nj.

...

example.com, in.

...

example.com, uk.

...

example.com, ca.

...

example.com, tx.

...

example.com"

Note

This field is available from 4.0.2 release.

Retrieve Cert Content

The Retrieve Cert Content command extracts the complete certificate information including the serial number and the validity period. On the Certificate Commands window, select Retrieve Cert Content command.

...

Caption
0Figure
1Retrieve Cert Content Command window
 

Image Modified

Click retrieveCertContent to proceed and to view the complete information of the certificate. The Message window appears providing all the information of the certificate.

...

Caption
0Figure
1Retrieve Cert Content Message
 

Image Modified

Click OK to exit.