Using Microsoft Certificates with HP-UX IPSec A.02.01
enter a value for at least one of the following four fields that specify DN attributes:
Name, Company, Department, or Country.
• E-Mail
The e-mail address (also referred to as the user fully-qualified domain name, or user
FQDN) for the subjectAlternativeName. This field is optional. Note that if you specify
a user FQDN, Windows systems do not use user FQDNs as IKE IDs.
• Company
The organization (O) attribute of the DN. This field is optional, but to be compatible
with HP-UX IPSec you must enter a value for at least one of the following four fields
that specify DN attributes: Name, Company, Department, or Country.
• Department
The organizationalUnit (OU) attribute of the DN. This field is optional, but to be
compatible with HP-UX IPSec you must enter a value for at least one of the following
four fields that specify DN attributes: Name, Company, Department, or Country.
• City
The city or locality attribute of the DN. This field is optional. Note that HP-UX IPSec
does not use this attribute when comparing the configured remote ID value and IKE
ID payload with the certificate.
• State
The state or province attribute of the DN. This field is optional. Note that HP-UX IPSec
does not use this attribute when comparing the configured remote ID value and IKE
ID payload with the certificate.
• Country
The country (C) attribute of the DN. This field is optional, but to be compatible with
HP-UX IPSec you must enter a value for at least one of the following four fields that
specify DN attributes: Name, Company, Department, or Country.
• Type of Certificate Needed
The type of certificate. Select IPSec Certificate, Server Authentication Certificate, or
Client Authentication Certificate.
• Create a new key set/Use existing key set
Specifies if you want to create a new public/private key pair for the certificate or use
an existing key pair. Select Create a new key set.
• CSP
Specifies the cryptographic service provider. Select Microsoft Enhanced Cryptographic
Provider v1.0.
• Key Usage
Specifies how the certificate key pair can be used. Select Signature or Both. Do not
select Exchange.
• Key Size
Specifies the key length. HP recommends 1024 (the default).
• Automatic key container/User specified key container name
Specifies how the keys are stored. HP recommends Automatic key container.
• Mark keys as exportable
Specifies if the keys can be used for other purposes. You do not need to enable this.
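The DN rules in the field list above can be checked before a certificate is deployed. The following is an added example, not part of the HP documentation: it parses a subject DN string, confirms that at least one of the four required attributes is present, and reports the attributes HP-UX IPSec does not compare. The CN mapping for Name, the sample DNs, and all function names are assumptions.

```python
# Form fields from the list above mapped to DN attribute types. "CN" for Name
# is an assumption (the page gives O, OU and C); L and ST are the usual short
# names for City and State.
REQUIRED_ANY = {"CN": "Name", "O": "Company", "OU": "Department", "C": "Country"}
NOT_COMPARED = {"L": "City", "ST": "State"}


def split_dn(dn):
    """Split an RFC 4514 style DN on unescaped commas into (TYPE, value) pairs.

    Handles backslash-character escapes only; hex escapes and multi-valued
    RDNs are out of scope for this example.
    """
    parts, cur, escaped = [], [], False
    for ch in dn:
        if escaped:
            cur.append(ch)          # keep the escaped character literally
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ",":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    parts.append("".join(cur))
    rdns = []
    for part in parts:
        if not part.strip():
            continue
        attr, sep, value = part.partition("=")
        if not sep:
            raise ValueError("malformed RDN: %r" % part)
        rdns.append((attr.strip().upper(), value.strip()))
    return rdns


def check_subject(dn):
    """Return (compatible, present_fields, ignored_fields) for a subject DN."""
    rdns = split_dn(dn)
    present = sorted({REQUIRED_ANY[a] for a, v in rdns if a in REQUIRED_ANY and v})
    ignored = sorted({NOT_COMPARED[a] for a, v in rdns if a in NOT_COMPARED and v})
    return bool(present), present, ignored


# Constructed sample subjects: one compatible, one with only City and State.
SAMPLES = [
    "CN=winclient1,OU=Lab,O=Example\\, Inc.,L=Cupertino,ST=California,C=US",
    "L=Cupertino,ST=California",
]
```

A subject that contains only City and State fails the check, because neither attribute is used when HP-UX IPSec compares the remote ID with the certificate.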
Configuring a Certificate for a Windows Client 25