Cisco Cisco Email Security Appliance C190 Guía Del Usuario
Chapter 1 FIPS Management
1-10
Cisco IronPort AsyncOS 7.3 for Email Advanced Configuration Guide
OL-23081-01
You can use the FIPS Management console to manage certificate and key pairs.
The private keys are stored on the HSM card. To do this, log into the FIPS
Management console, and click Add Certificate in the Appliance Certificate
section to import a certificate and key pair or create as self-signed certificate.
The private keys are stored on the HSM card. To do this, log into the FIPS
Management console, and click Add Certificate in the Appliance Certificate
section to import a certificate and key pair or create as self-signed certificate.
shows the Add Certificate page.
Figure 1-6
Add Certificate Page
To create a self-signed certificate, select Self-Signed Certificate and enter the
following information:
following information:
Common Name
The fully qualified domain name.
Organization
The exact legal name of the organization.
Organizational Unit
Section of the organization.
City (Locality)
The city where the organization is legally
located.
located.
State (Province)
The state, county, or region where the
organization is legally located.
organization is legally located.
Country
The two letter ISO abbreviation of the country
where the organization is legally located.
where the organization is legally located.
Duration before expiration
The number of days before the certificate
expires.
expires.
Private Key Size
Size of the private key to generate for the CSR.
Only 2048 bits and 1024 bits are supported.
Only 2048 bits and 1024 bits are supported.
Click Next to view the certificate and signature information.
If you want to submit a CSR for the self-signed certificate to a certificate
authority, click Download Certificate Signing Request to save the CSR in PEM
format to a local or network machine. Click Submit to save the certificate and
commit your changes. The certificate appears on the FIPS Management page and
the private key is stored on the HSM card.
authority, click Download Certificate Signing Request to save the CSR in PEM
format to a local or network machine. Click Submit to save the certificate and
commit your changes. The certificate appears on the FIPS Management page and
the private key is stored on the HSM card.