[c-nsp] CA Server vs Key Server (GetVPN)
David Barak
thegameiam at yahoo.com
Tue Dec 11 13:47:13 EST 2012
________________________________
From: henrry huaman <henry.huaman at yahoo.es>
>Hi Guys:
>Please, Could you help us with the diference between these devices?
>Currently we are testing GetVPN, but we don´t have CA Server; and we need to know if is necesary
>CA Server or the Key Server could replace the functionality of this.
Certificates are orthogonal to the KS functionality of GDOI (GetVPN), but you need
the KS to be on-line, while generally you'll want an off-line CA, so
you're probably better keeping those separate. I've had great success
with GDOI.
David Barak
Need Geek Rock? Try The Franchise:
http://www.listentothefranchise.com
More information about the cisco-nsp
mailing list