HP-UX IPSec version A.02.01 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Step 6: Configuring Authentication Records
Appendix F 313
CN=
commonName
C=c
ountry
O=
organization
OU=
organizationalUnit
The attributes are all optional, but you must specify at least one.
Separate multiple attributes using commas. The order of the attributes
is ignored and the DN is not case sensitive.
If there are spaces in the DN, you must enclose the DN in double quotes
(““). For example, “CN=host1,C=US,O=My Company,OU=Blue Lab”.
The values are defined as follows:
commonName
: The commonName of the DN in printable string format.
Commas are not accepted as part of this value. The size of this value
must not exceed 64 bytes.
country
: The two-character ISO 3166-1 code for the country listed in the
DN, for example US for United States of America. Commas are not
accepted as part of this value.
organization
: The organization of the DN, for example
Hewlett-Packard. Commas are not accepted as part of this value. The
size of this value must not exceed 64 bytes.
organizationalUnit
: The organizationalUnit for the DN, for example
Marketing. Commas are not accepted as part of this value. The size of
this value must not exceed 64 bytes.
Default: You must configure values for -ltype and -lid when
configuring authentication records for Mobile IPv6 clients. If you do not
configure these values, HP-UX IPSec will attempt to use the local
system’s IPv6 address.
-rtype
remote_id_type
and -rid
remote_id
The
remote_id
is the ID value used to verify the ID value sent by the
remote system when negotiating a IKE SA). If you are using RSA
signatures, this must also match information in the remote system’s
certificate.
Acceptable Values: The ID type must not be IPV6. Table F-1 lists the
valid ID types and corresponding ID values.