Filter
Top Products
Contents
ix
Cisco Broadband Access Center 3.8 Administrator Guide
OL-27172-01
Local Redundancy 12-16
Regional Redundancy 12-16
DPE Load-Balancing 12-17
Using DNS Round Robin 12-17
Using a Hardware Load Balancer 12-17
Adding DPE to a Provisioning Group 12-18
CHAPTER
13 Configuring CWMP Service Security 13-1
Overview 13-1
Key and Certificate Management in Cisco BAC 13-2
Configuring SSL Service 13-3
Configuring DPE Keystore by Using the Keytool 13-3
Using the Keytool Commands 13-5
Generating Server Certificate Keystore and Private Key for a New Certificate 13-6
Displaying Self-Signed Certificate 13-7
Generating a Certificate-Signing Request 13-7
Importing Signing Authority Certificate into Cacerts Keystore 13-8
Importing the Signed Certificate into Server Certificate Keystore 13-9
Importing Certificates for Client Authentication 13-10
Configuring Security for DPE Services 13-11
Configuring SSL on a DPE 13-11
Enabling SSL for the CWMP Service 13-11
Enabling SSL for the HTTP File Service 13-12
Configuring CPE Authentication 13-13
Shared Secret Authentication 13-13
Client Certificate Authentication 13-16
External Client Certificate Authentication 13-16
Authentication Options in Cisco BAC 13-17
Configuring Security for RDU Services 13-18
RDU Authentication Mode Settings 13-19
TACACS+ Authentication and Authorization in RDU 13-19
Signed Configuration for Devices 13-20
Signature Expiration 13-20
Signature Regeneration 13-20
Configuration Interfaces 13-20
Monitoring the Signed Configuration Feature 13-21
Troubleshooting Signed Configuration Feature 13-22