User`s guide

ManualsBrandsDigi ManualsComputer equipmentTransPort WR44v2

411

412

413

414

415

416

417

418

419

420

Before you can create a certificate request you must first obtain a challenge password from

the Certificate Authority Server. This password is generally obtained from the SCEP CA

server by way of a WEB server or a phone call to the CA Server Administrator. For the

Microsoft® SCEP server, you browse to a web interface. If the server requires a challenge

password, it will be displayed on the page along with the CA certificate fingerprint.

This challenge password is usually only valid once and for a short period of time, in this case

60 minutes, meaning that a certificate request must be created after retrieving the

challenge password.

Common Name (CN)

A name for the router. This parameter is important as the common name will be used as the

router’s ID for IKE negotiations.

Country Code (C)

The two character county code of where the router is located. A list of valid country codes

can be found at

http://www.iso.org/iso/english_country_names_and_code_elements.

State or Province (ST)

The state, county or province of where the router is located.

Locality (L)

The town or city of where the router is located.

Organisation (O)

The company to whom the router belongs to.

Organisational Unit (OU)

The company department maintaining the router.

E-mail

An appropriate email address of a contact for the router.

Unstructured Name

This parameter is optional. It can contain some descriptive to help identify the certificate.

Digest Algorithm

The digest algorithm used (MD5 or SHA1) when signed the certificate request.

Ignore NONCE in SCEP response

The parameter instructs the router to ignore the NONCE field in the SCEP response. The

NONCE is primarily used to prevent replay attacks.

Related CLI Commands

Entity

Instance

Parameter

Values

Equivalent Web Parameter

scep 0 host IP Address SCEP Server IP address

scep 0 port 0 - 65535 Port

scep 0 path String Path

scep 0 app String Application

scep 0 caident String CA Identifier

scep 0 cafile Filename CA certificate

scep 0 caencfile Filename CA encryption certificate

scep 0 casigfile Filename CA signature certificate

creq 0 challenge_pwd String Enrolment Password