Home > HP > Switch > HP A 5120 Manual

HP A 5120 Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual HP A 5120 Manual. The HP manuals for Switch are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 211

    Page 211 201 2B Exponent: 65537 (0x10001) X509v3 extensions: X509v3 CRL Distribution Points: URI:http://4.4.4.133:447/myca.crl Signature Algorithm: sha1WithRSAEncryption 836213A4 F2F74C1A 50F4100D B764D6CE B30C0133 C4363F2F 73454D51 E9F95962 EDE9E590 E7458FA6 765A0D3F C4047BC2 9C391FF0 7383C4DF 9A0CCFA9 231428AF 987B029C C857AD96 E4C92441 9382E798 8FCC1E4A 3E598D81 96476875... 
     
201 
                    2B 
                Exponent: 65537 (0x10001) 
        X509v3 extensions: 
            X509v3 CRL Distribution Points: 
            URI:http://4.4.4.133:447/myca.crl 
 
    Signature Algorithm: sha1WithRSAEncryption 
        836213A4 F2F74C1A 50F4100D B764D6CE 
        B30C0133 C4363F2F 73454D51 E9F95962 
        EDE9E590 E7458FA6 765A0D3F C4047BC2 
        9C391FF0 7383C4DF 9A0CCFA9 231428AF 
        987B029C C857AD96 E4C92441 9382E798 
        8FCC1E4A 3E598D81 96476875...

    Page 212

    Page 212 202  Modify the certificate service attributes From the start menu, select Control Panel > Administrative Tools > Certificate Authority. If the CA server and SCEP add-on have been installed successfully, there should be two certificates issued by the CA to the RA. Right-click on the CA server in the navigation tree and select Properties > Policy Module. Click Properties and then select Follow the settings in the certificate template, if... 
     
202 
 Modify the certificate service attributes 
From  the  start  menu,  select Control  Panel > Administrative  Tools > Certificate  Authority.  If  the  CA  server 
and  SCEP  add-on  have  been  installed  successfully,  there  should  be  two  certificates  issued  by  the  CA  to 
the  RA.  Right-click  on  the  CA  server  in  the  navigation  tree  and  select Properties > Policy  Module.  Click 
Properties and  then  select Follow  the  settings  in  the  certificate template,  if...

    Page 213

    Page 213 203 +++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++  Apply for certificates # Retrieve the CA certificate and save it locally. [Switch] pki retrieval-certificate ca domain torsa Retrieving CA/RA certificates. Please wait a while...... The trusted CAs finger print is: MD5 fingerprint:766C D2C8 9E46 845B 4DCE 439C 1C1F 83AB SHA1 fingerprint:97E5 DDED AB39 3141 75FB DB5C E7F8 D7D7 7C9B 97B4 Is the finger print correct?(Y/N):y Saving CA/RA certificates... 
     
203 
+++++++++++++++++++++++++++++++++++++++++++++++ 
+++++++++++++++++++++++ 
 
 Apply for certificates 
# Retrieve the CA certificate and save it locally. 
[Switch] pki retrieval-certificate ca domain torsa 
Retrieving CA/RA certificates. Please wait a while...... 
The trusted CAs finger print is: 
    MD5  fingerprint:766C D2C8 9E46 845B 4DCE 439C 1C1F 83AB 
    SHA1 fingerprint:97E5 DDED AB39 3141 75FB DB5C E7F8 D7D7 7C9B 97B4 
 
Is the finger print correct?(Y/N):y 
 
Saving CA/RA certificates...

    Page 214

    Page 214 204 10242FDD D3947F5E 2DA70BD9 1FAF07E5 1D167CE1 FC20394F 476F5C08 C5067DF9 CB4D05E6 55DC11B6 9F4C014D EA600306 81D403CF 2D93BC5A 8AF3224D 1125E439 78ECEFE1 7FA9AE7B 877B50B8 3280509F 6B Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B68E4107 91D7C44C 7ABCE3BA 9BF385F8 A448F4E1 X509v3... 
     
204 
                    10242FDD D3947F5E 2DA70BD9 1FAF07E5 
                    1D167CE1 FC20394F 476F5C08 C5067DF9 
                    CB4D05E6 55DC11B6 9F4C014D EA600306 
                    81D403CF 2D93BC5A 8AF3224D 1125E439 
                    78ECEFE1 7FA9AE7B 877B50B8 3280509F 
                    6B 
                Exponent: 65537 (0x10001) 
        X509v3 extensions: 
            X509v3 Subject Key Identifier: 
            B68E4107 91D7C44C 7ABCE3BA 9BF385F8 A448F4E1 
            X509v3...

    Page 215

    Page 215 205 Configuration procedure NOTE:  For more information about SSL configuration, see the chapter “SSL configuration.“  For more information about HTTPS configuration, see the Fundamentals Configuration Guide.  The PKI domain to be referenced by the SSL policy must be created in advance. For how to configure a PKI domain, see “Configure the PKI domain.” 1. Configure the HTTPS server # Configure the SSL policy for the HTTPS server to use. system-view [Switch] ssl server-policy myssl... 
     
205 
Configuration procedure 
 
 NOTE: 
 For more information about SSL configuration, see the chapter “SSL configuration.“ 
 For more information about HTTPS configuration, see the Fundamentals Configuration Guide. 
 The PKI domain to be referenced by the SSL policy must be created in advance. For how to configure a PKI 
domain, see “Configure the PKI domain.”  
1. Configure the HTTPS server 
# Configure the SSL policy for the HTTPS server to use. 
 system-view 
[Switch] ssl server-policy myssl...

    Page 216

    Page 216 206 Troubleshooting PKI Failed to retrieve a CA certificate Symptom Failed to retrieve a CA certificate. Analysis Possible reasons include:  The network connection is not proper. For example, the network cable might be damaged or loose.  No trusted CA is specified.  The URL of the registration server for certificate request is not correct or not configured.  No authority is specified for certificate request.  The system clock of the device is not synchronized with that of the CA.... 
     
206 
Troubleshooting PKI 
Failed to retrieve a CA certificate 
Symptom 
Failed to retrieve a CA certificate. 
Analysis 
Possible reasons include: 
 The network connection is not proper. For example, the network cable might be damaged or loose. 
 No trusted CA is specified. 
 The URL of the registration server for certificate request is not correct or not configured.  
 No authority is specified for certificate request. 
 The system clock of the device is not synchronized with that of the CA....

    Page 217

    Page 217 207  Use the ping command to check that the RA server is reachable.  Specify the authority for certificate request.  Configure the required entity DN parameters. Failed to retrieve CRLs Symptom Failed to retrieve CRLs. Analysis Possible reasons include:  The network connection is not proper. For example, the network cable might be damaged or loose.  No CA certificate has been retrieved before you try to retrieve CRLs.  The IP address of LDAP server is not configured.  The CRL... 
     
207 
 Use the ping command to check that the RA server is reachable. 
 Specify the authority for certificate request. 
 Configure the required entity DN parameters.  
Failed to retrieve CRLs 
Symptom 
Failed to retrieve CRLs. 
Analysis 
Possible reasons include: 
 The network connection is not proper. For example, the network cable might be damaged or loose. 
 No CA certificate has been retrieved before you try to retrieve CRLs. 
 The IP address of LDAP server is not configured. 
 The CRL...

    Page 218

    Page 218 208 SSH2.0 configuration SSH2.0 overview Introduction to SSH2.0 Secure Shell (SSH) offers an approach to logging in to a remote device securely. Using encryption and strong authentication, SSH protects devices against attacks such as IP spoofing and plain text password interception. The device can not only work as an SSH server to support connections with SSH clients, but also work as an SSH client to allow users to establish SSH connections with a remote device acting as... 
     
208 
SSH2.0 configuration 
SSH2.0 overview 
Introduction to SSH2.0 
Secure Shell  (SSH)  offers  an  approach  to  logging  in to  a  remote  device securely. Using encryption  and 
strong  authentication, SSH protects devices  against  attacks  such  as  IP  spoofing  and  plain  text  password 
interception. 
The device can not only work as an SSH server to support connections with SSH clients, but also work as 
an SSH client to allow users to establish SSH connections with a remote device acting as...

    Page 219

    Page 219 209 secondary protocol version numbers constitute the protocol version number. The software version number is used for debugging. 4. Upon receiving the packet, the client resolves the packet and compares the server’s protocol version number with that of its own. If the server’s protocol version is lower and supportable, the client uses the protocol version of the server; otherwise, the client uses its own protocol version. In either case, the client sends a packet to the server to notify the... 
     
209 
secondary protocol version numbers constitute the protocol version number. The software version 
number is used for debugging.  
4. Upon receiving the packet, the client resolves the packet and compares the server’s protocol 
version number with that of its own. If the server’s protocol version is lower and supportable, the 
client uses the protocol version of the server; otherwise, the client uses its own protocol version. In 
either case, the client sends a packet to the server to notify the...

    Page 220

    Page 220 210 authentication result. The device supports using the publickey algorithms RSA and DSA for digital signature. The following gives the steps of the authentication stage: 1. The client sends the server an authentication request that includes the username, authentication method (password authentication or publickey authentication), and information related to the authentication method (for example, the password in the case of password authentication). 2. The server authenticates the client.... 
     
210 
authentication result. The  device  supports using  the publickey algorithms RSA  and  DSA for digital 
signature. 
The following gives the steps of the authentication stage: 
1. The client sends the server an authentication request that includes the username, authentication 
method (password authentication or publickey authentication), and information related to the 
authentication method (for example, the password in the case of password authentication). 
2. The server authenticates the client....
    Start reading HP A 5120 Manual

    Related Manuals for HP A 5120 Manual

    All HP manuals