Login
- Table of Contents
-
- H3C SecPath Security Products FAQ(V7)-6W101
- 00-Preface
- 01-AFT FAQ
- 02-Anti-virus FAQ
- 03-Application audit and management FAQ
- 04-APR FAQ
- 05-ASPF FAQ
- 06-Attack detection and prevention FAQ
- 07-Bandwidth management FAQ
- 08-Data analysis center FAQ
- 09-Data filtering FAQ
- 10-Device forwarding FAQ
- 11-DPI FAQ
- 12-FAQ on Intranet security comprehensive scoring (Security overview)
- 13-File filtering FAQ
- 14-IPsec FAQ
- 15-IPS FAQ
- 16-IRF FAQ
- 17-License management FAQ
- 18-Load balancing FAQ
- 19-Mirroring FAQ
- 20-NAT FAQ
- 21-NetShare control FAQ
- 22-PKI FAQ
- 23-RBM-based hot backup FAQ
- 24-Security zone FAQ
- 25-Security policy FAQ
- 26-SSL decryption FAQ
- 27-SSL VPN FAQ
- 28-System management and maintenance FAQ
- 29-URL filtering FAQ
- 30-User access and authentication FAQ
- 31-WAF FAQ
- 32-Web operations FAQ
- Related Documents
-
22-PKI FAQ
| Title | Size | Download |
|---|---|---|
| 22-PKI FAQ | 16.79 KB |
PKI FAQ
Q. Why does the usage configuration in the PKI domain not take effect?
A. By default, no extensions are specified for certificates in the PKI domain. A certificate can be used by IKE, SSL clients, and SSL servers. The usage command is used to specify the extensions for certificates. The extension options contained in an issued certificate depends on the CA policy, and might be different from those specified in the PKI domain. The usage configuration is not required in the PKI domain. If the usage command is configured in the PKI domain but does not take effect, please verify the actual extensions contained in the certificate issued by the CA server.
Q. Should I save the PKI configuration after requesting a certificate?
A. As a best practice, save the PKI configuration after requesting a certificate. Otherwise, malfunctioning might occur because of mismatch between the PKI configuration and requested certificate.
