Contents
1 Description
This instruction describes how to configure an enrollment server group.
The configuration of an EnrollmentServerGroup Managed Object (MO) includes the configuration of EnrollmentServer MOs.
Enrollment servers are the front end of enrollment authorities. These servers are the termination points of the Certificate Management Protocol (CMP).
The CertM MO supports the grouping of enrollment servers for load balancing. Those enrollment servers that can interchangeably be used by online enrollments are to be specified in the same EnrollmentServerGroup MO.
2 Procedure
2.1 Configure Enrollment Server Group Together with Enrollment Servers
Prerequisites
- No documents are required.
- No tools are required.
- The following conditions must apply:
- The user has the System Security Administrator role.
- An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.
Steps
- Navigate to the CertM MO, for example:
>dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,CertM=1
- Enter Config mode:
(CertM=1)>configure
- Create the EnrollmentServerGroup MO, for example:
(config-CertM=1)>EnrollmentServerGroup=1
- Create an EnrollmentServer MO, for example:
(config-EnrollmentServerGroup=1)>EnrollmentServer=1
- Set attribute uri, for example:
(config-EnrollmentServer=1)>uri=http://192.0.2.10:8080
- Set attribute protocol:
(config-EnrollmentServer=1)>protocol=CMP
CMP is the only supported protocol for the online enrollments.
- Commit the settings:
(config-EnrollmentServer=1)>commit
- Verify the settings:
(EnrollmentServer=1)>show -v
The following is an example output:
EnrollmentServer=1 [...] enrollmentServerId="1" protocol=CMP uri="cmp://192.0.2.10" userLabel=[] <empty>
- Is another enrollment server to be added?
Yes: Continue with the next step.
No: Job is completed.
- Enter Config mode:
(EnrollmentServer=1)>configure
- Navigate to the EnrollmentServerGroup:
(EnrollmentServer=1)>up
- Proceed with Step 4.