SunScreen 3.1 Reference Manual

Certificate and Certificate Groups

Use certificate objects to configure the certificates you use for your SunScreen host and for remote hosts that communicate securely through your SunScreen.


Note -

Changes to the certificate object that pertain to loading into SKIP take effect immediately, without having to be saved. Changes to the certificate object as stored in the common objects do not take effect immediately: they must be saved, and they take effect only when the policy in which they are used is activated. For example, when you add a new certificate, the certificate is created and loaded into SKIP immediately, but its name has not yet been saved as part of the common objects and must be saved. Renaming a certificate affects only the common objects and must be saved.


The certificate object provides a way to associate a usable name with a SKIP certificate name space ID/master key ID (NSID/MKID) pair. This naming facility makes certificates easier to use and isolates the Screen configuration from exact SKIP names. The certificate group lets you group single certificates that you want to use together.

Generate Screen Certificate

This task generates a certificate for the Screen.

Associate MKID

Associating an MKID, which is also called the certificate ID, assigns a name to a certificate that already exists (typically on another machine). You associate a certificate ID when you want to encrypt communication between two Screens or between a Screen and an Administration Station.