HP-UX IPSec Version A.03.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

-alt-fqdn fqdn ................................................................................................................119

-alt-user-fqdn user_fqdn ..........................................................................................119

-key_length number_bits .............................................................................................119

-days number_days ..........................................................................................................119

Example....................................................................................................................................120

Submitting the Certificate Signing Request to the CA..................................................................121

Step 2: Adding the Local Certificate...................................................................................................122

ipsec_config add mycert -file Syntax............................................................................122

-file mycert_filename .................................................................................................122

Example...............................................................................................................................122

ipsec_config add mycert -ldap Syntax............................................................................122

-ldap server .....................................................................................................................122

-port port_number ..........................................................................................................122

-base search_base ..........................................................................................................123

-filter search_filter .................................................................................................123

-user user -password password....................................................................................123

Examples..................................................................................................................................123

Step 3: Adding the CA Certificates.....................................................................................................124

Multiple Level CAs........................................................................................................................124

ipsec_config add cacert -file Syntax............................................................................124

-file cacert_filename .................................................................................................124

Examples..................................................................................................................................124

ipsec_config add cacert -ldap Syntax............................................................................124

-ldap server .....................................................................................................................125

-port port_number ..........................................................................................................125

-base search_base ..........................................................................................................125

-filter search_filter .................................................................................................125

-user user -password password....................................................................................125

Examples..................................................................................................................................125

Step 4: Adding the CRL......................................................................................................................126

Multiple Level CAs........................................................................................................................126

ipsec_config add crl -file Syntax..................................................................................126

-file crl_filename ........................................................................................................126

Example....................................................................................................................................126

ipsec_config add crl -ldap Syntax..................................................................................126

-ldap server........................................................................................................................126

-port port_number ..........................................................................................................126

-base search_base ..........................................................................................................127

-filter search_filter .................................................................................................127

-user user -password password....................................................................................127

Examples..................................................................................................................................127

Step 5: Retrieving the CRL Using cron..............................................................................................128

Configuration Example.......................................................................................................................129

Managing Certificate Data..................................................................................................................129

Certificate Storage..........................................................................................................................129

Viewing the Local System Certificate............................................................................................129

Viewing the CA Certificate and CRL Files....................................................................................130

Deleting the Local System Certificate............................................................................................131

Deleting the CA Certificate and CRL Files....................................................................................131

6 Administering HP-UX IPSec.......................................................................................133

Starting HP-UX IPSec..........................................................................................................................134

ipsec_admin -start Syntax....................................................................................................134

8 Table of Contents