HP-UX IPSec Version A.03.00 Administrator's Guide
Submitting the Certificate Signing Request to the CA
Submit the PKCS#10 Certificate Signing Request (CSR) to the CA to request a signed certificate
for the local system. The ipsec_config utility stores the CSR in the file /var/adm/ipsec/
ipsec.csr.
PKI vendors support different methods for submitting CSRs. A CA implementation can have a
web-based interface with a file upload mechanism or a “copy and paste” mechanism, where the
user copies the contents of the CSR into a buffer and pastes the contents into a field on a web
page. Other vendors require you to transfer the file to the CA system using a secure mechanism,
and then specify the file name using a command-line interface.
Step 1: (Optional) Getting a Certificate for the Local System 121