login about faq

Do you have any general Guidelines for use of DoD PKI Certificates within the SSH Tectia environment which would explain necessary prerequisites for getting started as well as high-level steps for usage and ensuring compatibility?

asked Dec 17 '10 at 09:36

SSH%20KB's gravatar image

SSH KB ♦
509249246237


The guidelines presented here for the usage DoD PKI certificates in the SSH Tectia Server environment are based on traditional server certificate authentication:

http://www.tectia.com/manuals/server-admin/61/serverauth-cert.html

DoD PKI environments can easily leverage their existing SSL certificates within the SSH Tectia Server environment. In the following instructions we are using the server certificate that the client will be verifying as part of the authentication phase. Also please note that certain steps may require assistance from your DoD PKI administrator.

The following steps can be followed:

  1. Enroll for or obtain existing DoD PKI SSL certificate. (In case of new enrollment you will need to include the fully qualified domain name in either the subject or in the SubjectAltName of the certificate). This step may require DoD PKI administrator assistance.

  2. Extract the DoD certificate (Please contact your DoD PKI Administrator for assistance as necessary) into PKCS #12 format

  3. Use either the SSH Tectia Server Configuration GUI to import the key pair or use ssh-keygen-g3 utility (with -k option).

  4. Configure the server for server authentication (see above link).

link

answered Dec 17 '10 at 09:39

SSH%20KB's gravatar image

SSH KB ♦
509249246237

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×10

Asked: Dec 17 '10 at 09:36

Seen: 3,309 times

Last updated: Dec 17 '10 at 09:39

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.