PKI page

Public Key Infrastructure (PKI) capability on the switch provides digital certificates to authenticate network entities. This page enables you to configure and manage digital certificates on the switch. The switch uses certificates to validate SSH clients when acting as an SSH server and when communicating with syslog servers while TLS encryption is used.

Each entity in the PKI has their identity validated by a certificate authority (CA). The CA issues a digital certificate as part of enrolling each entity into the PKI. This digital certificate is used by the replying parties (for example, network connection peers) to set up secure communication. Based on the information present in the certificate of the sender, the receiving entity can validate the authenticity of the sender and subsequently establish a secure communication channel. For more information about PKI, see theAOS-CXSecurity Guide.

美国东部时间配置文件panel

美国东部时间配置文件panel displays the details of the EST profiles added to the switch. Enrollment over Secure Transport (EST) enhances the switch PKI infrastructure with a simpler, scalable, and more secure method of certificate provisioning, re-enrollment, and renewal.

助教概要文件panel

助教概要文件panel displays information and status of TA profiles added to the switch. A Trust Anchor (TA) defines certificate-specific operations, such as enrollment and validations. Each TA profile stores the certificate for a trusted CA.

证书panel

证书panel displays details about the digital certificates that can be used for applications in the switch. Certificates help secure digital transactions by enabling the end parties to validate each other's identity. Digital certificates are issued by a CA and are composed of an encoded string of characters (usually stored in a file).

组合ed Application Details panel

组合ed Application Detailspanel displays the features (applications) on the switch to which you can associate certificates. The panel also displays the associated certificate name and status. By default, all features are associated with the default, self-signed certificatelocal-cert. This certificate is created by the switch the first time it starts.