Contents
1 Introduction
This document describes how to configure an enrollment server group.
The configuration of an EnrollmentServerGroup Managed Object (MO) includes the configuration of EnrollmentServer MOs.
Enrollment servers are the front end of enrollment authorities. These servers are the termination points of the Certificate Management Protocol (CMP).
The CertM MO supports the grouping of enrollment servers for load balancing. Those enrollment servers that can interchangeably be used by online enrollments are to be specified in the same EnrollmentServerGroup MO.
1.1 Prerequisites
This section describes the prerequisites, which must be fulfilled before using the procedure.
1.1.1 Conditions
The following conditions must apply:
- The user has the System Security Administrator role.
- An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.
2 Procedure
To configure an enrollment server group:
- Navigate to the CertM MO, for example:
>dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,CertM=1
- Enter Config mode:
(CertM=1)>configure
- Create the EnrollmentServerGroup MO, for example:
(config-CertM=1)>EnrollmentServerGroup=1
- Create an EnrollmentServer MO, for example:
(config-EnrollmentServerGroup=1)>EnrollmentServer=1
- Set attribute uri. Examples
for CMP:
- (config-EnrollmentServer=1)>uri=http://192.0.2.10:8080
- (config-EnrollmentServer=1)>uri=cmp://192.0.2.10
- Set attribute protocol:
(config-EnrollmentServer=1)>protocol=CMP
CMP is currently the only supported protocol for the online enrollments.
- Commit the settings:
(config-EnrollmentServer=1)>commit
- Verify the settings:
(EnrollmentServer=1)>show -v
The following is an example output:
EnrollmentServer=1 [...] enrollmentServerId="1" protocol=CMP uri="cmp://192.0.2.10" userLabel=[] <empty>
- Is another enrollment server to be added?
Yes: Continue with the next step.
No: Job is completed.
- Enter Config mode:
(EnrollmentServer=1)>configure
- Navigate to the EnrollmentServerGroup:
(EnrollmentServer=1)>up
- Proceed with Step 4.