Cisco Cisco Web Security Appliance S170 사용자 가이드
B A C K I N G U P A N D R E S T O R I N G C E R T I F I C A T E S A N D K E Y S
C H A P T E R 5 : F I P S M A N A G E M E N T
79
B A C K I N G U P A N D R E S T O R I N G C E R T I F I C A T E S A N D KEY S
You can back up the certificates and keys the HSM card manages to an XML file. Similarly,
you can restore the certificates and keys from the XML file to the HSM card. Backing up
includes all certificates and keys stored in the HSM card in the XML file. The keys are
encrypted before being stored to the file. When you restore from the XML file, you can choose
which certificate and key pairs to restore.
you can restore the certificates and keys from the XML file to the HSM card. Backing up
includes all certificates and keys stored in the HSM card in the XML file. The keys are
encrypted before being stored to the file. When you restore from the XML file, you can choose
which certificate and key pairs to restore.
Note — When you save the appliance configuration to a file, the certificate and keys the HSM
card manages are not included in the configuration file. Also, if you restore the appliance
configuration from a file that erroneously includes certificate and key information, AsyncOS
ignores the certificate and key information in the file.
card manages are not included in the configuration file. Also, if you restore the appliance
configuration from a file that erroneously includes certificate and key information, AsyncOS
ignores the certificate and key information in the file.
To back up and restore certificates and keys, use the Backup Certificates and Keys section on
the Edit Key Management Settings page. Figure 5-8 shows where you back up and restore
certificates and keys on the Edit Key Management Settings page.
the Edit Key Management Settings page. Figure 5-8 shows where you back up and restore
certificates and keys on the Edit Key Management Settings page.
Figure 5-8 Backing up and Restoring Certificates and Keys
Backing up Certificates and Keys
To back up the certificates and keys the HSM card manages:
1. From the FIPS management console, click Edit Settings in the Key Management section.
The Edit Key Management Settings page displays.
2. Scroll down to the Backup Certificates and Keys section, and choose the file name to use
for the XML file that will contain the encrypted certificate and key pairs. You can define
your own file name or AsyncOS for Web can choose one for you.
your own file name or AsyncOS for Web can choose one for you.
3. Click Backup.
4. Choose to save the file, and click OK.
5. Navigate to the directory on the local machine to where you want to save the XML file,
and click Save.