Cisco Cisco Web Security Appliance S160 Guía Del Usuario
5-13
Cisco IronPort AsyncOS 7.5 for Web User Guide
Chapter 5 FIPS Management
Backing up and Restoring Certificates and Keys
d.
Click Generate. The Web Security appliance generates the certificate with the data you entered and
generates a key.
generates a key.
The generated certificate information is displayed on the Edit Key Management Settings page.
Note
After you generate the certificate and key, you can download the generated certificate to
transfer it to the SaaS applications with which the Web Security appliance will
communicate. Do this using the Download Certificate link in the generated key area.
transfer it to the SaaS applications with which the Web Security appliance will
communicate. Do this using the Download Certificate link in the generated key area.
e.
Optionally, you can download the Certificate Signing Request (CSR) using the Download
Certificate Signing Request link so you can submit it to a certificate authority (CA). After you
receive a signed certificate from the CA, click Browse and navigate to the signed certificate
location. Click Upload File. You can do this anytime after generating the certificate on the
appliance.
Certificate Signing Request link so you can submit it to a certificate authority (CA). After you
receive a signed certificate from the CA, click Browse and navigate to the signed certificate
location. Click Upload File. You can do this anytime after generating the certificate on the
appliance.
Step 7
Submit your changes.
Backing up and Restoring Certificates and Keys
You can back up the certificates and keys the HSM card manages to an XML file. Similarly, you can
restore the certificates and keys from the XML file to the HSM card. Backing up includes all certificates
and keys stored in the HSM card in the XML file. The keys are encrypted before being stored to the file.
When you restore from the XML file, you can choose which certificate and key pairs to restore.
restore the certificates and keys from the XML file to the HSM card. Backing up includes all certificates
and keys stored in the HSM card in the XML file. The keys are encrypted before being stored to the file.
When you restore from the XML file, you can choose which certificate and key pairs to restore.
Note
When you save the appliance configuration to a file, the certificate and keys the HSM card manages are
not included in the configuration file. Also, if you restore the appliance configuration from a file that
erroneously includes certificate and key information, AsyncOS ignores the certificate and key
information in the file.
not included in the configuration file. Also, if you restore the appliance configuration from a file that
erroneously includes certificate and key information, AsyncOS ignores the certificate and key
information in the file.
To back up and restore certificates and keys, use the Backup Certificates and Keys section on the Edit
Key Management Settings page.
Key Management Settings page.
shows where you back up and restore certificates and keys
on the Edit Key Management Settings page.
Figure 5-9
Backing up and Restoring Certificates and Keys