9-6
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-02
Chapter 9 Configuring SSL
Using SSL Certificates
For more information on SSL configuration features, see Summary of SSL Configuration Steps.
Figure 9-2 SSL Setup Sequence
Related Topics
• Configuring SSL, page 9-1
• Importing SSL Certificates, page 9-8
• Importing SSL Key Pairs, page 9-12
• Configuring SSL Parameter Maps, page 9-19
• Configuring SSL Chain Group Parameters, page 9-25
• Configuring SSL Proxy Service, page 9-28
Using SSL Certificates
You can display a list of the certificates and their matching key pairs that are installed on the ACE for a
context by choosing Config > Virtual Contexts > context > Certificates. The Certificates window
appears, displaying the list of installed certificates.
Digital certificates and key pairs are a form of digital identification for user authentication. Certificate
Authorities issue certificates that attest to the validity of the public keys they contain. A client or server
certificate includes the following identification attributes:
• Name of the Certificate Authority and Certificate Authority digital signature
• Name of the client or server (the certificate subject) that the certificate authenticates
• Issuer
• Serial number
• Subject’s matching public key of the certificate
• Time stamps that indicate the certificate's start date and expiration date
• CA certificate
A Certificate Authority has one or more signing certificates that it uses for creating SSL certificates and
certificate revocation lists (CRL). Each signing certificate has a matching private key that is used to
create the Certificate Authority signature. The Certificate Authority makes the signing certificates (with
the public key embedded) available to the public, enabling anyone to access and use the signing
certificates to verify that an SSL certificate or CRL was actually signed by a specific Certificate
Authority.
Kommentare zu diesen Handbüchern