Cisco Cisco Web Security Appliance S170 사용자 가이드
5-6
Cisco IronPort AsyncOS 7.5.7 for Web User Guide
Chapter 5 FIPS Management
Managing Certificates and Keys
Figure 5-4
Edit Password Management Settings Page
Step 3
Enter the current FIPS Officer password and the new FIPS Officer password in the appropriate fields.
Step 4
Click Submit.
Supported Certificate Types
When an SSL session uses an RSA key, the key is protected by the HSM card. When an SSL session uses
a DSA key, the key is not protected by the HSM card. The web interface and CLI prevent administrators
from uploading certificates that use DSA keys.
a DSA key, the key is not protected by the HSM card. The web interface and CLI prevent administrators
from uploading certificates that use DSA keys.
Logging
For error messages related to FIPS management, read the Default Proxy Log at the trace or debug level.
You can search for “HSM” in Default Proxy Log to get HSM related information.
You can search for “HSM” in Default Proxy Log to get HSM related information.
Managing Certificates and Keys
You can use the HSM card to manage certificates and keys used by the Web Security appliance. To do
this, log into the FIPS management console, and click Edit Settings in the Key Management section.
this, log into the FIPS management console, and click Edit Settings in the Key Management section.
shows the Edit Key Management Settings page.