Tag archive: PKI

Usually if we mention about Public Key Infrastructure we think about external Certificate Authority like Verisign or GoDaddy. It turns out, there is a SCEP protocol that enables us running our own CA in Cisco environment and that certificates we may use during ISAKMP IKEv1 or IKv2 authentication.

Simple RSA Private/Public key is not enough to provide secure connection between Client and Server. How do we really know that the server we want  connect to is actually correct server, not a bogus one ? Private Key might be stolen and somebody else can easily pretend the server.  3rd party Certificate Authority and Public Key Infrastructure…