Implementing IKE Task Map
Table 4–1 Implementing IKE Task Map|
Task |
Description |
For Instructions, Go To … |
|---|---|---|
|
Configure IKE with pre-shared keys |
Involves creating a valid IKE policy file and ike.preshared file. IPsec files are also set up before booting the system to use the IKE-generated keys. | |
|
Refresh pre-shared keys on a running IKE system |
Involves checking the IKE privilege level and editing the ipseckeys file with fresh keying material on communicating systems. | |
|
Add pre-shared keys to a running IKE system |
Involves checking the IKE privilege level and running the ikeadm command with fresh keying material on communicating systems. | |
|
Configure IKE with self-signed public key certificates |
Involves creating self–signed certificates with the ikecert certlocal -ks command, and adding the public key from a communicating system with the ikecert certdb command. | |
|
Configure IKE with a PKI Certificate Authority |
Involves sending output from the ikecert certlocal –kc command to a PKI organization, and installing the public key, CA, and CRL from the organization. |
How to Configure IKE With Public Keys Signed by a Certificate Authority |
|
Update the CA revocation lists |
Involves accessing a PKI organization's CRL from a central distribution point. | |
|
Use the Sun Crypto Accelerator 1000 card with IKE |
Involves setting the path to the PKCS#11 library for the device. |
- © 2010, Oracle Corporation and/or its affiliates