Overview
You can use digital certificates in place of preshared keys for IKE negotiations. For more information about IKE, see IKE Overview in Configuring IPsec.
Digital Certificate Terms and Acronyms
Table 23 describes terms and abbreviations that are used in this discussion of digital certificates.
Table 23: Digital Certificate Terms and Acronyms
| Term or Abbreviation | Description |
|---|---|
| 3DES | Triple DES encryption/decryption algorithm |
| Base64 | Method used to encode certificate requests and certificates before they are sent to or from the CA |
| CA | Certificate authority; an organization that creates digital certificates |
| Certificate | Binds a person or entity to a public key using a digital signature |
| CRL | Certificate revocation list; a list of certificates that a CA has revoked |
| ESP | Encapsulating Security Payload; provides data integrity, data confidentiality and, optionally, sender's authentication |
| IKE | Internet Key Exchange |
| PKCS | Public-Key Cryptography Standards; a series of standards established by RSA Laboratories |
| PKCS10 | PKCS #10; describes a syntax for certification requests |
| Root CA | CA that signs the certificates of subordinate CAs |
| Root certificate | Self-signed public key certificate for a root CA; root certificates are used to verify other certificates |
| RSA | Rivest-Shamir-Adleman encryption algorithm |
| SA | Security association; the set of security parameters that dictate how IPsec processes a packet, including encapsulation protocol and session keys. A single secure tunnel uses multiple SAs. |
| SCEP | Simple certificate enrollment protocol; used to submit requests and to download certificates and CRLs |
SHA1