11-24
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
11






Configuring

SSL
Configuring
SSL

CSR

Parameters


Click
Cancel
t

o
exit
the
procedure
without
saving

your

entries
and
t

o
return
t

o
the
Chain

Group
Certificates
table.


Click
Next
t

o
deploy
your

entries

and

to
add
another

certificate
to
this
chain
group

table.
Related
Topics


Configuring
SSL,

page
11-1


Importing
SSL

Certificates,

page
11-7


Importing
SSL

Key

Pairs,

page
11-11


Generating
SSL

Key

Pairs,

page
11-14


Configuring
SSL

Parameter

Maps,
page
11-18


Configuring
SSL

CSR

Parameters,
page
11-24


Configuring
SSL

Proxy

Service,

page
11-27
Configuring
SSL

CSR

Parameters
A
certificate

signing

request

(CSR)

is

a

message

you

send

to

a

certificate

authority

such

as

VeriSign

and
Thawte
to

apply

for

a

digital

identity

certificate.

The

CSR

contains

information

that

identifies

the

SSL
site,
such

as

location

and

a

serial

number,

and

a

public

key

that

you

choose.

A

corresponding

private

key
is
not

included

in

the

CSR,

but

is

used

to

digitally

sign

the

request.

The

CSR

may

be

accompanied

by
other
credentials

or

proofs

of

identity

required

by

the

certificate

authority,

and

the

certificate

authority
may
contact

the

applicant

for

more

information.
If
the

request

is

successful,

the

certificate

authority

returns

a

digitally

signed

(with

the

private

key

of

the
certificate
authority)

identity

certificate.
CSR
parameters

define

the

distinguished

name

attributes

the

ACE

applies

to

the

CSR

during

the
CSR-generating
process.

These

attributes

provide

the

certificate

authority

with

the

information

it

needs
to
authenticate

your

site.

Defining

a

CSR

parameter

set

lets

you

to

generate

multiple

CSRs

with

the

same
distinguished
name

attributes.
Each
context

on

t

he

ACE

can

contain

up

to

ei

ght

CSR

parameter

set

s.
Use
t

his

procedure

t

o

define

the

di

stinguished

name

at

tributes

for

SSL

CSRs.
Procedure
Step
1
Choose
the

item

to

configure:


To
configure

a

virtual

context,

choose
Config
>

Devices

>

context

>

SSL

>

CSR

Parameters.


To
configure

a

building

block,

choose
Config
>
Global
>
building_block
>
SSL
>
CSR
Parameters.
The
CSR

Parameters

table

appears.
Step
2
In
the
CSR

Parameters

table,

click
Add
to

add

new

set

of

CSR

attributes,

or

choose

an

existing

entry

to
modify
and

cl

ick

Edit.
The
CSR

Parameters

configuration

window

appears.