9-14
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-02
Chapter 9 Configuring SSL
Using SSL Keys
Step 4 Do the following:
• Click OK to accept your entries and to return to the Keys table. The ACE Appliance Device
Manager updates the Keys table with the imported key pair file information.
• Click Cancel to exit this procedure without saving your entries and to return to the Keys table.
Related Topics
• Configuring SSL, page 9-1
• Importing SSL Certificates, page 9-8
• Configuring SSL Parameter Maps, page 9-19
Table 9-5 SSL Key Pair Bulk Import Attributes
Field Description
Protocol SFTP is to be used to access the network server when importing the SSL key
pairs. SFTP is the only supported protocol for bulk import.
IP Address Enter the IPv4 address of the remote server on which the SSL key pair files
resides.
Remote Path Enter the path to the key pair files that reside on the remote server. The ACE
fetches only files specified by the path; it does not recursively fetch remote
directories. Enter a filename path including wildcards (for example,
/remote/path/*.pem). The ACE supports POSIX pattern matching notation,
as specified in section 2.13 of the “Shell and Utilities” volume of IEEE Std
1003.1-2004. This notation includes the “*,” “?” and “[” metacharacters.
To fetch all files from a remote directory, specify a remote path that ends
with a wildcard character (for example, /remote/path/*). Do not include
spaces or the following special characters:
;<>\|`@$&()
The ACE fetches all files on the remote server that matches the wildcard
criteria. However, it imports only files with names that have a maximum of
40 characters. If the name of a file exceeds 40 characters, the ACE does not
import the file and discards it.
User Name Enter the name of the user account on the network server.
Password Enter the password for the user account on the network server.
Confirm Reenter the password.
Passphrase Enter the passphrase that was created with the file. Without this phrase, you
cannot use the file. Passphrases are used only with encrypted PEM and
PKCS files.
Confirm Reenter the passphrase.
Non-Exportable Check this check box to specify that this certificate file cannot be exported
from the ACE. The ability to export SSL key pairs allows you to copy signed
certificates to another server on your network so that you can then import
them onto another ACE or Web server. Exporting is similar to copying in that
the original files are not deleted.
Comments to this Manuals