login about faq

Do you have any general Guidelines for use of DoD PKI Certificates within the SSH Tectia environment which would explain necessary prerequisites for getting started as well as high-level steps for usage and ensuring compatibility?

asked Dec 17 '10 at 09:36

SSH%20KB's gravatar image


The guidelines presented here for the usage DoD PKI certificates in the SSH Tectia Server environment are based on traditional server certificate authentication:


DoD PKI environments can easily leverage their existing SSL certificates within the SSH Tectia Server environment. In the following instructions we are using the server certificate that the client will be verifying as part of the authentication phase. Also please note that certain steps may require assistance from your DoD PKI administrator.

The following steps can be followed:

  1. Enroll for or obtain existing DoD PKI SSL certificate. (In case of new enrollment you will need to include the fully qualified domain name in either the subject or in the SubjectAltName of the certificate). This step may require DoD PKI administrator assistance.

  2. Extract the DoD certificate (Please contact your DoD PKI Administrator for assistance as necessary) into PKCS #12 format

  3. Use either the SSH Tectia Server Configuration GUI to import the key pair or use ssh-keygen-g3 utility (with -k option).

  4. Configure the server for server authentication (see above link).


answered Dec 17 '10 at 09:39

SSH%20KB's gravatar image


Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Dec 17 '10 at 09:36

Seen: 4,690 times

Last updated: Dec 17 '10 at 09:39

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.