1-4SSL Server Policy Configuration ExampleNetwork requirementsz The switch offers Web authentication to preform access authentication for clients.z The client opens the authentication page in SSL-based HTTPS mode, thus guaranteeinginformation transmission security.z A CA issues a certificate to Switch.In this instance, Windows Server works as the CA and the Simple Certificate Enrollment Protocol(SCEP) plug-in is installed on the CA.Figure 1-3 Network diagram for SSL server policy configurationConfiguration procedure1) Request a certificate for Switch# Create a PKI entity named en and configure it. system-view[Switch] pki entity en[Switch-pki-entity-en] common-name http-server1[Switch-pki-entity-en] fqdn ssl.security.com[Switch-pki-entity-en] quit# Create a PKI domain and configure it.[Switch] pki domain 1[Switch-pki-domain-1] ca identifier ca1[Switch-pki-domain-1] certificate request url http://10.1.2.2/certsrv/mscep/mscep.dll[Switch-pki-domain-1] certificate request from ra[Switch-pki-domain-1] certificate request entity en[Switch-pki-domain-1] quit# Create the local RSA key pairs.[Switch] public-key local create rsa# Retrieve the CA certificate.[Switch] pki retrieval-certificate ca domain 1# Request a local certificate.