Simplifying Key Management of IPSec Network with SCEP
IPSec (IP Security) is a layer-3 tunnel encryption protocol defined by the IETF that provides high-quality, interoperable, cryptography-based security for data transmitted over the Internet. The security services it provides include data confidentiality, data integrity, data origin authentication, and anti-replay protection. A typical IPSec network relies on manually configured keys, which hinders large-scale deployment. This article describes how to implement an SCEP module on the Vanlink router that enrolls certificates with a CA server, so that keys are managed with digital certificates, which solves this problem. The article also describes how to enroll certificates automatically in order to further simplify the key management of an IPSec network.
马跃、周炜昕
Communications
IPSec; SCEP; digital certificate server; key management
马跃, 周炜昕. Simplifying Key Management of IPSec Network with SCEP [EB/OL]. (2009-02-20)[2025-08-04]. http://www.paper.edu.cn/releasepaper/content/200902-1049.