User`s guide
292 XSR User’s Guide
Interoperability Profile for the XSR Chapter 11
Configuring the Virtual Private Network
State: CA-AUTHENTICATED
Version: V3
Serial Number: 458128935273366930063530
Issuer: MAILTO=foo@foo.com, C=US, ST=MA,
L=Andover, O=Ent Sys, OU=
Sales, CN=PKI Certificate Authority
Valid From: 2002 Jul 24th, 20:45:14 GMT
Valid To: 2003 Jul 24th, 20:55:14 GMT
Subject: MAILTO=SCEP, C=US, ST=MA, L=Andover,
O=Enterasys Networks, OU=
Sales, CN=Scep
Fingerprint: F1279D63 AFFC3D93 48E5F311 73A1D16F
Certificate Size: 1695 bytes
RA Signature Certificate - Hightest-ras
State: CA-AUTHENTICATED
Version: V3
Serial Number: 458128729515158954573993
Issuer: MAILTO=foo@foo.com, C=US, ST=MA,
L=Andover, O=Ent Sys, OU=
Sales, CN=PKI Certificate Authority
Valid From: 2002 Jul 24th, 20:45:13 GMT
Valid To: 2003 Jul 24th, 20:55:13 GMT
Subject: MAILTO=SCEP, C=US, ST=MA, L=Andover,
O=Ent Sys, OU=
Sales, CN=Scep
Fingerprint: 91EB5A77 B5CA535A 077B65C5 65035615
Certificate Size: 1695 bytes
5 Enroll in an end-entity certificate from a CA for which you have previously
authenticated; e.g.,
Hightest.
The script will prompt you to enter and re-enter a challenge password
you create or is given to you by your CA administrator. Remember that if
you create a password, save it so it can be used later in case you need to
revoke the CA. Respond yes to all questions. and jot down the certificate
serial number for comparison purposes.
XSR(config)#crypto ca enroll Hightest
%
% Start certificate enrollment
% Create a challenge password. You will need to verbally
provide this password to the CA Administrator in order to
revoke your certificate.