Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP-UX AAA Server A.06.02 Administrator's Guide: HP-UX 11i v1 and 11i v2 > Chapter 10 Modifying Server Properties

Certificate Properties
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

Clicking Certificate Properties takes you to the Certificate Properties screen where you can modify the properties described in Table 10-4 “Certificate Path Properties”.

Table 10-4 Certificate Path Properties

OptionFunction

Server Certificate Path

For TLS, TTLS, and PEAP. Fully-qualified file name to the AAA server certificate in .pem or .cer format.

Server Private Key Path

Fully-qualified file name to a file in .pem or .cer format that contains the private key used to generate the AAA server certificate. This file cannot be encrypted.

Client Certificate Authority Path

For TLS only. Fully-qualified file name to the Certificate Authority (CA) certificate for the client certificate. Used by the AAA server to authenticate client certificates. The CA certificate for the client certificate must be in .pem format.

Random Seed Path

For TLS, TTLS, and PEAP. Fully-qualified file name to the random seed used to generate keys.

Client User Name Attribute

For TLS only. Identifies the attribute in the user digital certificate to retrieve the user's name. This attribute must match the user name configured on the supplicant (client) software. The AAA server will check the user name in the certificate against the user name supplied in the EAP-TLS authentication request. Select one of the options listed below:

  • Subject Common name (default): Use the CommonName (CN) in the Subject attribute.

  • Subject EmailAddress: Use the Email Address(E) in the Subject attribute.

  • SubjectAltName RFC822Name: Use the RFC822Name in the SubjectAltName attribute.

  • Check all attributes: Search all of the above three fields for a matching name.

  • Disable: Ignore comparing User name with Certificate name.

Certificate Revocation List Path

For TLS. Fully-qualified file name to a list of prohibited client certificates. File must be in .pem or .cer format.

 



Tunneling Properties
  		 


File Size Properties  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2001-2005 Hewlett-Packard Development Company, L.P.