Specifications
RoamAbout Mobility System Software Configuration Guide 16-1
16
Managing Keys and Certificates
Adigitalcertificateisaformofelectronicidentificationforcomputers.TheRoamAboutswitch
requiresdigitalcertificatestoauthenticateitscommunicationstoRoamAboutSwitchManager
andWebView,toWebAAAclients,andtoExtensibleAuthenticationProtocol(EAP)clientsfor
whichtheRoamAboutswitchperformsallEAPprocessing.Certificatescanbegenerated
onthe
RoamAboutswitchorobtainedfromacertificateauthority(CA).Keyscontainedwithinthe
certificatesallowtheRoamAboutswitch,itsservers,anditswirelessclientstoexchange
informationsecuredbyencryption.
Why Use Keys and Certificates?
CertainRoamAboutswitchoperationsrequiretheuseofpublic‐privatekeypairsanddigital
certificates.AllRoamAboutSwitchManagerandWebViewusers,and usersforwhichthe
RoamAboutswitchperformsIEEE 802.1XEAPauthenticationorWebAAA,requirepublic‐private
keypairsanddigitalcertificatestobeinstalledontheRoamAboutswitch.
Thesekeysandcertificatesarefundamentaltosecuringwireless,wiredauthentication,and
administrativeconnectionsbecausetheysupportWi‐FiProtectedAccess(WPA)encryptionand
dynamicWired‐EquivalencyPrivacy(WEP)encryption.
For information about... Refer to page...
Why Use Keys and Certificates? 16-1
About Keys and Certificates 16-2
Creating Keys and Certificates 16-5
Displaying Certificate and Key Information 16-11
Key and Certificate Configuration Scenarios 16-11
Notes:
• If the switch does not already have certificates, MSS automatically generates the missing ones
the first time you boot using MSS Version 4.2 or later. You do not need to install certificates unless
you want to replace the ones automatically generated by MSS. (For more information, see
“Certificates Automatically Generated by MSS” on page 16-5.)
• Before installing a new certificate, verify with the show timedate and show timezone commands
that the RoamAbout switch switch is set to the correct date, time, and time zone. Otherwise,
certificates might not be installed correctly.