Cisco Cisco Identity Services Engine 1.0.4 プリント

安全访问操作指南

步骤

 5 

mac.p12 将导入到身份密钥库（例如 mac.jks）中。这可以是扩展名为 .jks 的随机文件名。这将在 

pxGrid 脚本中充当 keystoreFilename 和关联的 keystorePassword。 

Enter destination keystore password: cisco123 

Re-enter new password: cisco123 

Enter source keystore password: cisco123 

Entry for alias 1 successfully imported. 

Import command completed: 1 entries successfully imported, 0 entries failed or cancelled 

 
步骤

 6 

仅将公共

 ISE 身份证书导出到 pxGrid 客户端中，请注意导出文件将采用 .pem 格式。可以重命名扩

展名为

 .pem 的文件以使其更易于读取，在本例中该文件重命名为 isemnt.pem。 

 

 

 
步骤

 7 

将

 .pem 文件转换为 .der 格式。 

步骤

 8 

将

 ISE 身份证书添加到 keystoreFilename。 

Enter keystore password: cisco123 

Owner: CN=ise.lab6.com 

Issuer: CN=ise.lab6.com 

Serial number: 548502f500000000ec27e53c1dd64f46 

Valid from: Sun Dec 07 17:46:29 PST 2014 until: Mon Dec 07 17:46:29 PST 2015 

Certificate fingerprints: 

 MD5: 04:7D:67:04:EC:D2:F5:BC:DC:79:4D:0A:FF:62:09:FD 

 SHA1: 5A:7B:02:E4:07:A1:D2:0B:7D:A5:AE:83:27:3B:E7:33:33:30:1E:32 

 SHA256: 

C4:21:6C:6F:5B:06:F3:2C:D7:26:35:CB:BE:2B:1B:FF:0E:EE:09:91:F6:B6:54:0C:6F:63:CB:43:1F:77:F2:37 

 Signature algorithm name: SHA1withRSA 

 Version: 3 

 

Extensions:  

 

#1: ObjectId: 2.5.29.19 Criticality=false 

BasicConstraints:[ 

  

CA:true 

  

PathLen:2147483647 

] 

 

#2: ObjectId: 2.5.29.37 Criticality=false 

ExtendedKeyUsages [ 
 

 
 

© 2015 思科系统公司 

第

 27 页