User`s manual

ManualsBrandsD-Link ManualsComputer equipmentDWL-8220AP - AirPremier Wireless Switch Dualband Access Point

261

262

263

264

265

266

267

268

269

270

263

DWS-1008 User’s Manual

D-Link Systems, Inc.

Managing Keys and Certicates

Installing a CA’s Own Certicate

If you installed a CA-signed certicate from a PKCS #7 le, you must also install the PKCS #7

certicate of that CA. (If you used the PKCS #12 method, the CA’s certicate is usually

included with the key pair and server certicate.)

To install a CA’s certicate, use the following command:

crypto ca-certicate {eap} PEM-formatted-certiﬁcate

When prompted, paste the certicate under the prompt. For example:

DWS-1008# crypto ca-certicate eap

Enter PEM-encoded certiﬁcate

-----BEGIN CERTIFICATE-----

MIIDwDCCA2qgAwIBAgIQL2jvuu4PO5FAQCyewU3ojANBgkqhkiG9wOBAQUFADCB

mzerMClaweVQQTTooewi\wpoer0QWNFNkj90044mbdrl1277SWQ8G7DiwYUtrqoQplKJ

.....

Lm8wmVYxP56M;CUAm908C2foYgOY40=

-----END CERTIFICATE-----

Displaying Certicate and Key Information

To display information about certicates installed on an switch, use the following

commands:

show crypto ca-certicate {eap}

show crypto certicate {eap}

For example, to display information about an administrative certicate, type the following

command:

DWS-1008# show crypto certicate eap

Certiﬁcate:

Version: 3

Serial Number: 999 (0x3e7)

Subject: C=US, ST=CA, L=PLEAS, O=TRPZ, OU=SQA, CN=BOBADMIN/

emailAddress=BOBADMIN, unstructuredName=BOB

Signature Algorithm: md5WithRSAEncryption

Issuer: C=US, ST=CA, L=PLEAS, O=TRPZ, OU=SQA, CN=BOBADMIN/

emailAddress=BOBADMIN, unstructuredName=BOB

Validity:

Not Before: Oct 19 01:57:13 2004 GMT

Not After : Oct 19 01:57:13 2005 GMT

The last two rows of the display indicate the period for which the certicate is valid. Make sure

the date and time set on the switch are within the date and time range of the certicate.