User`s manual

ManualsBrandsD-Link ManualsComputer equipmentDWL-8220AP - AirPremier Wireless Switch Dualband Access Point

271

272

273

274

275

276

277

278

279

280

267

DWS-1008 User’s Manual

D-Link Systems, Inc.

Managing Keys and Certicates

Installing CA-Signed Certicates Using a PKCS #10 Object File (CSR)

and a PKCS #7 Object File

This scenario shows how to use CSRs to install public-private key pairs, CA-signed certicates,

and CA certies for 802.1X (EAP) access.

1. Set time and date parameters, if not already set.

2. Generate public-private key pairs:

DWS-1008# crypto generate key eap 1024

key pair generated

3. Create a CSR (PKCS #10 object le) to request an administrative certicate:

DWS-1008# crypto generate request eap

Country Name: US

State Name: CA

Locality Name: Cambria

Organizational Name: example

Organizational Unit: eng

Common Name: DWS-1008

Email Address: admin@example.com

Unstructured Name: wiring closet 12

CSR for eap is

-----BEGIN CERTIFICATE REQUEST-----

IIBdTCB3wIBADA2MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExGjAYBgNVBAMU

EXRlY2hwdWJzQHRycHouY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4

...

2L8Q9tk+G2As84QYMwe9RJAjfbYM5bdWRUFiLzvK7BJgqBsCZz4DP00=

-----END CERTIFICATE REQUEST-----

4. Copy the CSR into the CA’s application.

Note: You must paste the entire block, from the beginning -----BEGIN CERTIFICATE

REQUEST----- to the end -----END CERTIFICATE REQUEST-----.

5. Transfer the signed eap certicate (PKCS #7 object le) from the CA to your computer.

6. Open the signed certicate le with a text editor. Copy the entire le from the rst hyphen

to the last.

7. To install the administrative certicate on the switch, type the following command to

display a prompt:

DWS-1008# crypto certicate eap

Enter PEM-encoded certiﬁcate