HP-UX IPSec version A.02.01 Administrator's Guide
Using Certificates with HP-UX IPSec
Step 2: Submitting the Certificate Signing Request to the CA
Chapter 5 161
Step 2: Submitting the Certificate Signing
Request to the CA
Submit the Certificate Signing Request (CSR) to the CA to request a
signed certificate for the local system. The ipsec_config utility stores
the CSR in the file /var/adm/ipsec/ipsec.csr. Request the following
items from the CA:
• A signed certificate for the local system in a base64 format file.
• The CA’s certificate in a second base64 format file.
PKI vendors support different methods for submitting CSRs. A CA
implementation may have a web-based interface with a file upload
mechanism or a “copy and paste” mechanism, where the user copies the
contents of the CSR into a buffer and pastes the contents into a field on a
web page. Other vendors require you to transfer the file to the CA system
using a secure mechanism, and then specify the file name using a
command-line interface.