|
Certificate Enrollment Wizard
The Certificate Enrollment wizard
is used to enroll certificates, i.e. to request a
certification authority (CA) to issue a certificate.
You can start the wizard by clicking on the
Enroll button of the Certificates page of the
Settings dialog.
Certificate Enrollment - Start
The first page of the Certificate Enrollment wizard displays information on the enrollment process. The enrollment process will create a key pair, consisting of a public and a private key. Please note that the process requires the use of Certificate Management Protocol version 2 (CMPv2).
Figure : The start of the enrollment process.
Click the Next button to continue the process.
Certificate Enrollment - Identity
On the Identity page, enter the parameters of the certificate
to be issued. You can suggest a Common Name (e.g.
John Smith), Organization Unit (like
Marketing), Organization (SSH
Communications Security), Country
(USA) and Email Address
(john.smith@ssh.com).
Figure : Type the parameters of the certificate.
The certification authority can change these fields before
issuing the certificate. The Certificate validity
period and other parameters are determined by the
configuration of the CA software.
Please note that certificate enrollment requiring manual
acceptance in the CA software is not supported. You may be able
to compensate for this by using PKCS #12 file importing.
Click the Next button to launch the Key Generation Wizard. For more information on the key generation process, see section Key Generation Wizard.
Certificate Enrollment - Firewall
On the Firewall page, you can define the firewall and proxy settings. If your local setup does not require these to be defined, the fields can be left empty.
Click the Next button to continue.
Certificate Enrollment - CA
On the CA page, fill in the following fields:
- CMP Service URL
Type in the address of the server that provides the Certificate Management Protocol (CMP) service.
- Discover
Click the Discover button to attempt automatic detection of
available certification authority services and CA certificates.
The found CA services will be listed in the text field and can
be selected from the drop-down menu.
Please note that not all systems support the automatic detection functionality.
- CA Certificate
This dropdown menu will be filled with the CA certificates that were found on the selected CMP service. Select a CA certificate from the list.
Alternatively, you can directly type in the file name of the certificate, or select the file by clicking on the button on the right hand side of the file name field. The Select CA Certificate dialog will open, allowing you to locate the certificate file.
- View
Click the View button to display the contents of the current certificate.
- Retrieve CA Certificates from CA URL
Select the desired CA URL from the drop-down list and click the Retrieve CA Certificates from CA URL button to retrieve the CA certificates from the selected CA address.
- Reference Number
Type in the reference number.
- Key
Type in the key information.
Click the Next button to continue.
Certificate Enrollment - Enrollment
On the Enrollment page the actual enrollment takes place. This may take some time (the exact duration depends on the amount of network traffic, among other factors).
Figure : The enrollment in progress.
When the process is finished, click the Finish button to continue.
[Contents]
[Index]
[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]
Copyright © 2003 SSH Communications Security Corp.
All rights reserved.
Copyright Notice
|
