Alcatel-Lucent 8950 AAA Computer Accessories User Manual


 
............................................................................................................................................................................................................................................................
The Certificate Manager Panel8950 AAA Certificate Manager
22-2
365-360-001R6.0
Issue 1, December 2008
............................................................................................................................................................................................................................................................
Root certificates are used to sign client and server certificates. For each root certificate it
generates, aaa-cert creates a private and a public key. The private key is used to sign other
certificates. The public key is used to verify other (server & client) certificates signed by
the root certificate.
Server certificates are used by 8950 AAA to authenticate itself to remote clients. Server
certificates are signed by a root certificate. In order to sign the server certificate, aaa-cert
needs access to a root certificate and the private key associated with the certificate.
The aaa-cert tool can also be used to generate PKCS #10 Certificate Requests for a server
certificate. This request can then be submitted to a certificate authority which will generate
the server certificate. That functionality is not covered in this document.
Client certificates are used by clients to authenticate themselves to 8950 AAA. Client
certificates are signed by a root certificate. In order to sign the server certificate, aaa-cert
needs access to a root certificate and the private key associated with the certificate.
Important! For more information about Root, Server, and Client certificates, please
refer to “Notes on Using Certificates” on page 20.
The Certificate Manager Panel
File manager panel
The Certificate Manager panel displays a list of certificates in the run directory of the
PolicyServer. This panel enables the user to perform a variety of operations on the 8950
AAA Certificate Manager files. These operations include:
Create Certificate
View Certificate
Delete a Certificate
Copy the contents of a certificate to a new certificate
Rename an existing certificate
Refresh the list of certificates
Copy the contents of a certificate to the clipboard
Important! All certificate operations are limited to the 8950 AAA run directory.
To display the Certificate Manager panel, select Certificate Manager from the
Navigation Pane, under File Tools, as shown in Figure 22-1.