Manualshelf

HP-UX IPSec version A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
121122123124125126127128129130
Using Certificates with HP-UX IPSec
Overview
Chapter 4 117
negotiation and each entity may get the other entity’s certificate from a
CA or certificate directory service. The method used varies according to
the CA used and the services provided by the CA.
Requirements
To use security certificates, your topology must meet the following
requirements:
The systems using certificates must use IPv4 addresses for IPSec.
IKE digital signature authentication is not supported with IPv6
addresses.
The security certificates must be administered using one of the
following PKI products:
VeriSign Managed PKI (formerly VeriSign OnSite for VPNs)
Baltimore UniCERT 3.5 package
All security certificates must be administered using a PKI product
from the same vendor. When you configure HP-UX IPSec, you must
configure only one PKI vendor for all security certificate operations.