HP ProCurve NAC 800 User Manual page 458
Hide thumbs
Also See for ProCurve NAC 800:
- User manual (560 pages) ,
- User manual (586 pages) ,
- User manual (474 pages)
Table of Contents
Advertisement
System Administration
Creating and Replacing SSL Certificates
15-30
4.
Submit the CSR (see "Copying Files" on page 1-20) to your chosen CA
(such as Thawte or Verisign) along with anything else they might require:
http://www.verisign.com/
http://www.thawte.com/
5.
If you are using a non-traditional CA (such as your own private Certificate
Authority/Public Key Infrastructure (CA/PKI), or if you are using a less
well-known CA, you will need to import the CA's root certificates into the
java cacerts file by entering the following command on the command line
of the NAC 800 server:
keytool -import -alias <CA_alias> -file <ca_root_cert_file>
-keystore /usr/local/nac/keystore/cacerts
Where:
<CA_alias> is an alias unique to your cacerts file and preferably identifies
the CA to which it pertains
<ca_root_cert_file> is the file containing the CA's root certificate
6.
keytool prompts for the password for the cacerts file, which should be
the default: changeit.
7.
If you are prompted, enter yes to trust the certificate.
8.
Once you get your signed certificate back from the CA, import it into your
keystore (see "Copying Files" on page 1-20), replacing the previously self-
signed public certificate for your key by entering the following command
on the command line of the NAC 800 server:
keytool -import -alias <key_alias> -trustcacerts -file
<signed_cert_file> -keystore /usr/local/nac/keystore/
compliance.keystore
Where:
<key_alias> is the name for the key within the keystore file
<signed_cert_file> is the name of the file containing your CA-signed
certificate
9.
keytool prompts for the password for the keystore_filename file, which
is the password used when the keystore was created.
Advertisement
Table of Contents
