Cisco PAP2 Administration Guide - Page 148
Obtaining a Server Certificate, Qualified Domain Name syntax. During SSL authentication handshake,
View all Cisco PAP2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 148 highlights
7 Provisioning Basics Using HTTPS each individual endpoint. A certificate authority root certificate capable of authenticating the device client certificate is given to each service provider. This authentication path allows the provisioning server to reject unauthorized requests for configuration profiles. Obtaining a Server Certificate To obtain a server certificate: STEP 1 Contact a Cisco/Linksys support person who will work with you on the certificate process. STEP 2 Generate a private key that will be used in a CSR (Certificate Signing Request). This key is private and you do not need to provide this key to Cisco support. Use open source "openssl" to generate the key. For example: openssl genrsa -out 1024 STEP 3 Generate CSR a that contains fields that identify your organization, and location. For example: openssl req -new -key -out You must have the following information: • Subject field-Enter the Common Name (CN) that must be a FQDN (Fully Qualified Domain Name) syntax. During SSL authentication handshake, the SPA9000 verifies that the certificate it receives is from the machine that presented it. • Server's hostname-For example, provserv.domain.com. • Email address-Enter an email address so that customer support can contact you if needed. This email address is visible in the CSR. STEP 4 Email the CSR (in zip file format) to the Cisco/Linksys support person. The certificate is signed by Cisco and given to you. 146 Cisco SPA and Wireless IP Phone Administration Guide