HP 635n HP Jetdirect Print Servers - How to Use 802.1X on HP Jetdirect Print S - Page 62

CA Hierarchy

Get HP 635n - JetDirect IPv6/IPsec Print Server PDF manuals and user guides
UPC - 882780301016
View all HP 635n manuals
Add to My Manuals
Save this manual to your list of manuals

Page 62 highlights

Figure 22 - CA Hierarchy In this example, RootCA is the top level CA, which is also called the Root. What usually happens at customer sites is that the Root CA is created and it issues one or more certificates to Subordinate CAs, also known as Intermediate CAs, and they do the dirty work of issuing certificates to various entities in the customer's network. The Root CA is then shutdown and locked up in a secure room with this information backed up in several places. The Root CA establishes the trust of the whole environment and is very well protected. We can see that RootCA issues a certificate to R2, which grants R2 the capability to issue certificates to other entities. R2's certificate is signed by the Root CA. R2 then can issue certificates to other devices, such as IAS. If we take a look at IAS' certificate, the issuing "chain" or path looks like Figure 23: 62

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
62
Figure 22 – CA Hierarchy
In this example, RootCA is the top level CA, which is also called the Root.
What usually happens at
customer sites is that the Root CA is created and it issues one or more certificates to Subordinate CAs,
also known as Intermediate CAs, and they do the dirty work of issuing certificates to various entities
in the customer’s network.
The Root CA is then shutdown and locked up in a secure room with this
information backed up in several places.
The Root CA establishes the trust of the whole environment
and is very well protected.
We can see that RootCA issues a certificate to R2, which grants R2 the capability to issue certificates
to other entities.
R2’s certificate is signed by the Root CA.
R2 then can issue certificates to other
devices, such as IAS.
If we take a look at IAS’ certificate, the issuing “chain” or path looks like Figure
23: