C H A P T E R 3 Client Authentication
3-19
Next, import the client CA certificate for Map ID 2.
Intel 7115> import client_ca 2
Import protocol: (paste, xmodem, uudecode)
[paste]: <Enter>
Type or paste in data, end with ... alone on line
-----BEGIN CERTIFICATE-----
MIIDxzCCAzCgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBpDEL
MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEjAQ
BgNVBAcTCVNhbiBEaWVnbzEUMBIGA1UE
.
.
.
XcCabZcfBRuYcZeUoNrGUl8tD80jp2YNG1vidgLEaD1YCli5
I9/mNrcB25mSfdAR
/08ROTMxm4VKOSA=
-----END CERTIFICATE-----<Enter>
...<Enter>
Verify the import by using the list map command again. Note that the
Client Auth column now shows client authentication for Map ID 2
enabled.
Intel 7115> list map
Map Net Ser Cipher Re- Client
ID KeyID Server IP Port Port Suites direct Auth
== ===== ========= ==== ==== ====== ===== ====
1 default Any 443 80 all(v2+v3) n n
2 sample 10.1.2.57 443 80 med(v2+v3) n y
Clients connecting to “map 2” are required to present a client
certificate signed by the CA whose certificate was imported above. If
they do not present a properly signed certificate, their connection
attempt is refused.