[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
Minimum Digital Certificates Configuration for IKE (ES PIC)
To define a digital certificates configuration
for IKE for an encryption interface on M-series and T-series routing
platforms, include at least the following statements at the [edit
security certificates] and [edit security ike] hierarchy
levels:
- [edit security]
- certificates {
-
-
certification-authority ca-profile-name {
-
ca-name ca-identity;
-
crl filename;
-
enrollment-url url-name;
-
file certificate-filename;
-
ldap-url url-name;
- }
- }
-
ike {
-
-
policy ike-peer-address {
-
local-certificate certificate-filename;
-
local-key-pair private-public-key-file;
-
proposal [ ike-proposal-names ];
- }
-
-
proposal ike-proposal-name {
-
authentication-method rsa-signatures;
- }
- }
[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
