Hp e-CommerceXML Accelerator sa7150 Manuel d'utilisateur Page 55
- Page / 212
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
C H A P T E R 3 Client Authentication
45
Verify the import by using the list map command again. Note that the
Client Auth column now shows client authentication for Map ID 2
enabled.
HP SA7150> list map
Map Net Ser Cipher Re- Client well
ID KeyID Server IP Port Port Suites direct Auth XML form
== ===== ========= ===== ==== ====== ===== ===== === ====
1 default Any 443 80 all(v2+v3) n n n N/A
2 sample 10.1.2.57 443 80 med(v2+v3) n y n N/A
HP SA7150>
Clients connecting to “map 2” are required to present a client
certificate signed by the CA whose certificate was imported above. If
they do not present a properly signed certificate, their connection
attempt is refused.
Creating a
Client CA
Certificate
using
OpenSSL*
Software packages are available that handle the details of client
certificate generation. However, you can also implement them
manually. The following example illustrates the appropriate steps
using OpenSSL*.
NOTE: To acquire a
copy of OpenSSL* for
your environment, access
the OpenSSL* Web site at
www.openssl.org.
1. Generate the key pair for the client CA.
openssl genrsa -out ca_key.pem 1024
2. Create another private key by typing this command.
openssl genrsa -out ca_key.pem 1024
3. Generate the client CA certificate.
openssl req -new -x509 -config hp.cnf -key
ca_key.pem -days 365 -out ca_cert.pem
NOTE: In this example,
ca_cert.pem is your
trusted CA and signing
certificate.
4. Use the import client_ca command to import ca_cert.pem for
each client.
1. Generate a key pair.
openssl genrsa -out key.pem 1024
2. Generate a certificate signing request.
openssl req -new -config hp.cnf -days 365 -
key key.pem -out csr.pem
3. Sign the client certificate request by typing this command.
openssl X509 -req -Cacreatserial -Cakey
ca_key.pem -CA ca_cert.pem -in csr.pem -out
cert.pem
- Publication Number 2
- Disclaimer 2
- Warranty 2
- Table of Contents 3
- Chapter 4: Scenarios 5
- Chapter 5: Command Reference 6
- Chapter 6: Remote Management 6
- Chapter 8: Software Updates 8
- Chapter 9: Troubleshooting 8
- Appendix A: Front Panel 8
- Appendix F: Support Services 9
- Introduction 11
- Assumptions 12
- Specifications 13
- Typographic Conventions 15
- Installation and Initial 17
- Configuration 17
- Additional Requirements 18
- Physical Installation 19
- Free-Standing 20
- Installation 20
- Network 20
- Connection 21
- Fail-through 22
- Accessing the 23
- Command 23
- Theory of Operation 25
- General Considerations 27
- Server Mappings 27
- XML Data Model 28
- Invalid URI Expressions 29
- Negation Operator 30
- Operators 30
- URI Expression: */hr.asp 32
- Boolean Operators 34
- Function Calls 34
- XML Pattern Creation 37
- Mapped Server 38
- Default Keyword 39
- XML Pattern Matching 39
- XML “Well-formed” Check 40
- Network Configurations 41
- Multiple 42
- SA7150s and 42
- Cascading 42
- SSL Operations 43
- Obtaining a 44
- Certificate 44
- Authority 44
- Using an 47
- Existing Key/ 47
- Apache SSL* 48
- Stronghold* 48
- Importing into the SA7150 48
- Creating a new 50
- Key/Certificate 50
- Global Site 51
- Certificates 51
- • Cipher Suite 53
- • Redirect URL 53
- • Client Authentication 53
- Client Authentication 54
- Creating a 55
- Client CA 55
- OpenSSL* 55
- SSL Processing 56
- Automapping 57
- Deleting automapping entries 57
- Blocking 58
- Subnet, Specific Port 59
- All IPs, Specific Port 60
- Delete a Block 61
- Scenarios 63
- XML Server 1 64
- XML Server 2 64
- XML Server 3 64
- Procedure for 65
- Scenario 1 65
- Verify creation of maps: 66
- Single Server 69
- Scenario 3 71
- Scenario 4—Cascaded SA7150s 73
- Scenario 4 74
- Scenario 5 76
- Firewall 77
- HP SA7150> create map 78
- Server IP (0.0.0.0): 1.1.1.3 78
- SSL (network) port [443]: 78
- Firewall Configuration 79
- Command Reference 81
- Command Line Interface 82
- HP SA7150> sh 83
- HP SA7150> set ssh e 83
- SSH Service started 83
- Cut and Paste 84
- Command Summary 85
- Command Command Options 87
- <log> > 90
- HP SA7150> create server 91
- HP SA7150> show server 92
- • all servers, or 95
- • a specified server 95
- Port Mapping 98
- Command Definition 100
- Operational 101
- Commands 101
- show spill 102
- Spill on overload: enabled 102
- Spill on overload: disabled 102
- Management 103
- Command Description 104
- set ssh_port <port> 106
- show ssh 106
- Alarms and 110
- Monitoring 110
- show rsc_window 111
- set utl_window <secs> 111
- set utl_highwater <%> 111
- show ovl_window 113
- Example: 114
- HP SA7150> password 118
- Old password:<xxxxx> 118
- HP SA7150> 118
- Logging 122
- Remote Management 123
- Limitations 124
- Remote Telnet Sessions 126
- Console 127
- HP SA7150> show telnet 128
- Remote SSH Sessions 129
- Console, SSH 130
- Changing the 130
- SSH Port 130
- HP SA7150> show ssh_port 131
- HP SA7150> set ssh disable 131
- SSH disable: 131
- HP SA7150> show ssh 131
- Starting SNMP 132
- Standards 132
- Compliance 132
- HP MIB Tree 133
- Trap Summary 134
- C H A P T E R 6SNMP 135
- Enabling 136
- Community String 137
- Access Control 138
- Alarm Types 143
- RSC: Refused 144
- Connections 144
- Utilization 145
- Threshold 145
- UTL Alarm CLI commands 146
- OVL: Overload 147
- Alarm Logging 148
- HP SA7150> list logs 149
- 20000727_145544 149
- to permit 150
- Examples: 153
- Software Updates 155
- Using HyperTerminal* 156
- Troubleshooting 159
- C H A P T E R 9 161
- Item Symptom Probable 161
- Front Panel 163
- Buttons and Switches 164
- Front Panel LEDs 164
- Connectors 166
- Failure/Bypass Modes 167
- Bypass Button 168
- Supported Ciphers 171
- SSL Version Level 172
- Regulatory 175
- Information 175
- VCCI Statement 176
- CE Compliance Statement 177
- CISPR 22 Statement 177
- VCCI Class A (Japan) 178
- Australia 178
- AVERTISSEMENT 179
- AVVERTENZA 180
- ADVERTENCIAS 181
- Wichtige Sicherheitshinweise 182
- Software License 185
- Agreement 185
- A P P E N D I X E 187
- MOZILLA 188
- LICENSE 188
- Version 1.1 188
- Support Services 201
- • An HP-authorized reseller 202
- Latin America 203
- Countries 204
- Glossary 205
- G L O S S A R Y 207
Produits connexes et manuels pour Matériel informatique Hp e-CommerceXML Accelerator sa7150
(94 pages)
(82 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.032 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels