セコムのSSLサーバー証明書

証明書の設定Alteon Application Switch 2424-SSL
Alteon Application Accelarator 510 / 610 新規/更新用

設定に関する詳細については、各製品マニュアルをご参照ください。

サーバー証明書

>> Configuration# /cfg/cert 1

>> Certificate 1# cert
Paste the certificate, press Enter to create a new line, and then type "..." (without the quotation marks) to terminate.
> -----BEGIN CERTIFICATE-----
> MIIEDDCCAvSgAwIBAgIIRh5pC7EI0XEwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UE
> BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKTAn
> BgNVBAMTIFNFQ09NIFBhc3Nwb3J0IGZvciBXZWIgU1IgMi4wIENBMB4XDTA4MDQw
<中略>

> um9yryiqISPtGENys/sBhG/Tr7rstZcVngV6P5wF8+wQweNJWtc8H/aKUejLPpPS
> N3l9Os9C0PpMhN4PxxxxBCFDq9/eMvwTe8o26axVTUyqUox48N4iYGfCMMCoxRTa
> 3iHwiGqkwSfRXC1TILtAZR6mLmPGMR2898ybPhqN2bs=
> -----END CERTIFICATE-----
> ...

------------------------------------------------------------
[Certificate 1 Menu]
name - Set certificate name
cert - Set certificate
key - Set private key
revoke - Revocation menu
gensigned - Generate signed client/server certificate
request - Generate certificate request
sign - Sign a certificate request
test - Generate test certificate and key
import - Import key and certificate with TFTP/FTP/SCP/SFTP
export - Export certificate and key with TFTP/FTP/SCP/SFTP
display - Display certificate and key
show - Show certificate information
info - Show certificate short information
subject - Show certificate subject information
validate - Check if key and certificate match
keysize - Show key size
keyinfo - Show how key is stored
del - Remove certificate
Certificate added.
Validate: key and certificate match.

>> Certificate 1# apply
Changes applied successfully.

チェーン証明書(中間CA証明書)

Cert 1 と中間証明書 Cert 2 でチェーンを構築する場合

1
中間証明書 SECOM Passport for Web SR 2.0 CAを Cert 2 にインストール

>> Certificate 2# cert
Paste the certificate, press Enter to create a new line, and then type "..." (without the quotation marks) to terminate.
> -----BEGIN CERTIFICATE-----
> MIIENjCCAx6gAwIBAgIEErmwvDANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJK
> UDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBD
> b21tdW5pY2F0aW9uIFJvb3RDQTEwHhcNMDgwMjI4MDg1MTE3WhcNMTgwMjI4MDg1
> MTE3WjBfMQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVt
> cyBDTy4sTFRELjEpMCcGA1UEAxMgU0VDT00gUGFzc3BvcnQgZm9yIFdlYiBTUiAy
> LjAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtgd13+lCyPzhU
> 9ytqBCMd24QIbdxRQb8JAdeEr8h+kvlyRzVq1YXrLVqCcm9sEOY3nfzXCl+ZByQ9
> ULs299FQLThdv2tWLuZ5tFk+oAl+0I6oDO0Kw1v4ebXBI1qztfPy9uTkKqn/hlM+
> V8ydADZX8cKvNCtSaFdNoVfLKMYhulhKmadl5YUkPyNC58uWpQOXP6vqQFduH6dO
> JCVO7pKL8aXkj9yWVlQBF4xCB9/e08LCfpddnSXz5QTubjtPIyXOTHXg5OkZq1Uu
> rY3LuYvCJZFOCXivNTxfsadAneESC4Pgesj0r4GmPEOw5lmbzGYndUluOe+LIu2b
> maSUlI4JAgMBAAGjggEHMIIBAzAdBgNVHQ4EFgQUMJoAV5lEY2vJsvI9jYNrO9ed
> 72QwHwYDVR0jBBgwFoAUoHNJmWjchVtl45soL1efvTO8B0gwEgYDVR0TAQH/BAgw
> BgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDov
> L3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9vdDEvU0NSb290MUNSTC5j
> cmwwUgYDVR0gBEswSTBHBgoqgwiMmxtkhwUBMDkwNwYIKwYBBQUHAgEWK2h0dHBz
> Oi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290MS8wDQYJKoZIhvcN
> AQEFBQADggEBAE2zSxnE3viee1Q6aXe4Me1Q3PTSrS8IW693wSO+FDg5/S1O0dIp
> tp2tjnl2QRrVTN220VRou4wtsdkYdwO7RpEaKOzhuAAtjLUMoiTfdbpY/N2KwbRT
> EilDd+1Mc42xSR8UVr4RjW3WVTVVJUiKhOg+dDjifbo3ZGkUp2nZxkA+dLQju8Jx
> nys9aoiBEc4uvBKfyBjn+WMNJYfDhQW6nJ23p2lB7shngtMvA+ZDw1OKYFjWKhrA
> gJqXiVRA5iXFHo6vf6EQvzcTBR2K0EIY+Lv5ZKgFVgb6J3EPXHmQ/1pDoqe3bGhk
> ipQl7r5/eycMkkuZxTM9k+BicSmByyZ6p8g=
> -----END CERTIFICATE-----
> ...

------------------------------------------------------------
[Certificate 2 Menu]
name - Set certificate name
cert - Set certificate
key - Set private key
revoke - Revocation menu
gensigned - Generate signed client/server certificate
request - Generate certificate request
sign - Sign a certificate request
test - Generate test certificate and key
import - Import key and certificate with TFTP/FTP/SCP/SFTP
export - Export certificate and key with TFTP/FTP/SCP/SFTP
display - Display certificate and key
show - Show certificate information
info - Show certificate short information
subject - Show certificate subject information
validate - Check if key and certificate match
keysize - Show key size
keyinfo - Show how key is stored
del - Remove certificate
Certificate added.
Validate: key or certificate not defined.

>:> Certificate 2# apply
Changes applied successfully.

2
Cert 2 を Cert 1 の Cachain として設定する

>:> SSL Settings# .

------------------------------------------------------------
[SSL Settings Menu]
cert - Set server certificate
cachesize - Set SSL cache size
cachettl - Set SSL cache timeout
cacerts - Set list of accepted signers of client certificates
cachain - Set list of CA chain certificates
protocol - Set protocol version
verify - Set certificate verification level
verifylog - Set syslog detail for client certificate
ciphers - Set cipher list
ena - Enable SSL
dis - Disable SSL

>:> SSL Settings# cachain
Current value: ""
Enter certificate numbers (separated by comma): 2

>:> SSL Settings# apply
Changes applied successfully.