Certificate enrollment via SCEP / Configuration of SCEP
Parent topic: Configuration of SCEP

Configuring the certificate table

The configuration is carried out with LANconfig under Certificates > SCEP client with the button Certificate table.

Name
The certificate's configuration name.
CA distinguished name
Distinguished name of the CA. With this parameter the CAs are assigned to system certificates (and vice versa) on the one hand. On the other hand this parameter is also important for evaluating whether received or available certificates match with the configuration. You can also use reserved characters by using a preceding backslash ("\"). The supported reserved characters are:
  • Comma (",")
  • Slash ("/")
  • Plus ("+")
  • Semicolon (";")
  • Equals ("=")
You can also use the following internal firmware variables:
  • %% inserts a percent sign.
  • %f inserts the version and the date of the firmware currently active in the device.
  • %r inserts the hardware release of the device.
  • %v inserts the version of the loader currently active in the device.
  • %m inserts the MAC address of the device.
  • %s inserts the serial number of the device.
  • %n inserts the name of the device.
  • %l inserts the location of the device.
  • %d inserts the type of the device.
Subject
Distinguished name of the subject of the requester.
Challenge password
Password (for the automatic issue of device certificates on the SCEP server).
Subject alt. name (SAN)
Further information about the requester, e.g. domain or IP address.
Key usage
Any comma-separated combination of:
  • digitalSignature
  • nonRepudiation
  • keyEncipherment
  • dataEncipherment
  • keyAgreement
  • keyCertSign
  • cRLSign
  • encipherOnly
  • decipherOnly
  • critical (possible but not recommended)
Extended key usage
Any comma-separated combination of:
  • critical
  • serverAuth
  • clientAuth
  • codeSigning
  • emailProtection
  • timeStamping
  • msCodeInd
  • msCodeCom
  • msCTLSign
  • msSGC
  • msEFS
  • nsSGC
  • 1.3.6.1.5.5.7.3.18 for WLAN controllers
  • 1.3.6.1.5.5.7.3.19 for access points in managed mode
Key length
The key length in bits. Possible values:
  • 1024
  • 2048
  • 4096
  • 8192
Usage type
Indicates the intended application of the specified certificates. The certificates entered here are only queried for the corresponding application. Possible values:
  • VPN
  • WLAN controller
  • EAP/TLS
  • CA
  • Default certificate
Parent topic: Configuration of SCEP

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo