TechLibrary

Navigation

Supported Platforms

M Series
MX Series
T Series

Option: Using Digital Certificates

A popular way for network administrators to scale an IPSec network is to use digital certificates instead of preshared keys. To enable digital certificates in your network, you need to use a combination of operational mode commands and configuration statements. The following steps enable you to implement digital certificates on AS and MultiServices PICs installed in M Series and T Series routers:

Configuring a CA Profile
Configuring a Certificate Revocation List
Requesting a CA Digital Certificate
Generating a Private/Public Key Pair
Generating and Enrolling a Local Digital Certificate
Applying the Local Digital Certificate to an IPSec Configuration
Configuring Automatic Reenrollment of Digital Certificates
Monitoring Digital Certificates
Clearing Digital Certificates

Published: 2013-07-19

Supported Platforms

M Series
MX Series
T Series