ADC 3 Switch User Manual


 
ADC Telecommunications, Inc.
458 C
HAPTER 19: MANAGING CABLE MODEMS
Configuring Trust and Validity for Manufacturer Certificates
A Certificate Authority (CA) is a self-signed certificate containing the DOCSIS
CA’s trusted public key. The manufacturer issues an X.509 certificate that
binds the cable modem public key to other identifying information. BPI+ uses
the X.509 digital certificate to authenticate key exchanges between the
cable modem and CMTS.
You can configure and display trust for all new self-assigned manufacturer
certificates, as well as for existing certificates for a specified cable modem. In
addition you can configure certificates to have or not to have their validity
period checked against the current time of day. Note that this task applies to
BPI+ only.
Configuring trust and validity for certificates involves setting the following
parameters:
Table 19-5 Parameters for Setting and Displaying Trust and Validity for
Certificates
Parameter Description
interface cable <c/s/i> The interface for which you want to display
certificates.
mac-address The MAC address of the cable modem for which
you want to display certificates.
trusted Sets a valid certificate.
untrusted Sets an invalid certificate. The default is set to
untrusted.
enable Sets the certificate to True. This means that the
validity is checked against the current time of day.
disable Sets the certificate to False. This means that the
validity is not checked against the current time of
day.
learnt Indicates that you want to display the certificates
for the cable modems.
provisioned Indicates that you want to display the certificates
for the provisioned cable modem.
details Indicates that you want to display the BPI+
privacy authorization for the provisioned cable
modem.