Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
258
Views
0
Helpful
1
Replies

how to get the keys on the client

kiksen1
Level 1
Level 1

‎07-08-2003 10:36 PM - edited ‎03-09-2019 03:57 AM

Hello All!

I am familiar with vpn technics, but not with the x.509 and pki topcs, I just started reading about that a couple of weeks ago.

If I want to do authentication with x.509 certificates, I have to get somehow the private key on the client.

I found something, that there are ways to generate the keys (public and private) on the client and the public key is send to a pki and the pki sends the x.509 certificate back to the vpn client. I think this is called a PKCS#10 request, but I am not sure about it.

Now my question is, are these technics a standard way to distribute certificates to vpn clients? Are there any standard protocols?

Thanks a lot!

Christian

Labels:
0 Helpful
1 Reply 1

jsivulka
Level 5
Level 5

‎07-14-2003 12:29 PM

I do not fully understand what you mean by 'standard protocols' but yes, these are widely accepted standards. For example, PKCS#7 and PKCS#10 were developed by RSA Data Security Inc and find wide acceptance in the industry today. The SCEP standard, which is used for certificate enrollment uses PKCS#7 and PKCS #10, was developed and is supprted by Cisco, Microsoft, Sun, Verisign and Entrust (among others) and can be found in ietf draft draft-nourse-scep-02.txt. To understand how to configure Certificate support on Cisco VPN Client, please see http://www.cisco.com/warp/public/471/unityclient-ios.html

0 Helpful
Customers Also Viewed These Support Documents