Cisco Cisco Identity Services Engine 1.3 Folheto
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
安全访问操作指南
Trust this certificate? [no]: yes
Certificate was added to keystroke
步骤
9
将
pxGrid 客户端证书导入到身份密钥库中。
keytool -import -alias pxGridMAC -keystore pxGridClient.jks -file
pxGridClient.cer
Enter keystore password: cisco123
Certificate already exists in keystore under alias <1>
Do you still want to add it? [no]: yes
Certificate was added to keystore
注:如果您收到表明证书已添加到预先存在的密钥库的消息,则可以选择“
no”,而操作仍然正常。我选择了“yes”,因此我们可以验证后来是否
添加了证书。
步骤
10 将 CA 根证书添加到受信任密钥库,CA 根证书也需要受信任。
keytool -import -alias ca_root1 -keystore root3.jks -file ca_root.cer
Enter keystore password: cisco123
Owner: CN=lab6-WIN-BG7GPQ053ID-CA, DC=lab6, DC=com
Issuer: CN=lab6-WIN-BG7GPQ053ID-CA, DC=lab6, DC=com
Serial number: 448a6d6486c91cb14c6888c127d16c4e
Valid from: Thu Nov 13 20:47:06 EST 2014 until: Wed Nov 13 20:57:06 EST 2019
Certificate fingerprints:
MD5: 41:10:8A:F5:36:76:79:9C:2C:00:03:47:55:F8:CF:7B
SHA1: 9D:DA:06:AF:06:3F:8F:5E:84:C7:F4:58:50:95:03:22:64:48:96:9F
SHA256:
DB:28:50:D6:47:CA:C0:6A:E9:7B:87:B4:0E:9C:3A:C1:A2:61:EA:D1:29:8B:45:B4:76:4B:DA:2A:F1:D8:E0:A3
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false
0000: 02 01 00 ...
#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
#3: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
#4: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A9 C7 8E 26 9C F5 37 0A E6 5A 15 36 26 D4 A2 06 ...&..7..Z.6&...
0010: 6A C8 79 2C j.y,
]
]
© 2015 思科系统公司
第
11 页