Manualshelf

Using Microsoft Certificates with HP-UX IPSec A.02.01

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
12345678910
Introduction
This document describes how to:
Configure HP-UX IPSec A.02.01 to use certificates issued from a Microsoft Windows root
CA. This procedure includes information about requesting and issuing certificates, and
configuring HP-UX IPSec to use certificates for IKE authentication. You can use the certificates
for Internet Key Exchange (IKE) authentication with other HP-UX systems or with Microsoft
Windows systems. This procedure is described in “Configuring a Certificate for an HP-UX
Client” (page 9).
Configure a Windows client to use certificates issued from a Windows CA to be compatible
with HP-UX IPSec. This procedure includes information about requesting and storing
certificates for Windows IP Security, and configuring Windows IP Security to use certificates
for IKE authentication. This procedure is described in “Configuring a Certificate for a
Windows Client” (page 22).
The intended audience for this document is an HP-UX IPSec administrator who is familiar with
the HP-UX IPSec product, the IP Security protocol suite, and security certificates.
NOTE: The IP Security protocol suite is often referred to as IPsec. The HP-UX product that
implements the IP Security protocol suite is HP-UX IPSec.
Testing Environment
The procedures in this white paper were tested using the following environment:
DescriptionComponent
Versions A.02.01 and A.02.01.01.01HP-UX IPSec
Windows 2003 Server with Certificate Services configured
as a standalone root CA with web-enrollment support
Microsoft Windows CA
Windows XP with Service Pack 2 (SP2)Microsoft Windows Client
Microsoft also supports Windows enterprise CAs, which are members of a Windows Active
Directory domain. The procedures in this white paper can be used with a Windows enterprise
root CA.
Introduction 7