Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

341

342

343

344

345

346

347

348

349

350

Key and Certificate Configuration Scenarios

16-14 Managing Keys and Certificates

5. UnpackthePKCS #12objectfilesintothecertificateandkeystorageareaontheRoamAbout

switch.Usethefollowingcommand:

crypto pkcs12 {admin | eap | web} filename

ThefilenameisthelocationofthefileontheRoamAboutswitch.

Forexample:

RBT-8100# crypto pkcs12 admin 2048admn.p12

Unwrapped from PKCS12 file:

keypair

device certificate

CA certificate

RBT-8100# crypto pkcs12 eap 20481x.p12

Unwrapped from PKCS12 file:

keypair

device certificate

CA certificate

RBT-8100# crypto pkcs12 web 2048web.p12

Unwrapped from PKCS12 file:

keypair

device certificate

CA certificate

Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR)

and a PKCS #7 Object File

ThisscenarioshowshowtouseCSRstoinstallpublic‐privatekeypairs,CA‐signedcertificates,

andCAcertifiesforadministrativeaccess,802.1X(EAP)access,andWeb AAAaccess.

1. Settimeanddateparameters,ifnotalreadyset.(See“ConfiguringandManagingTime

Parameters”onpage 5‐20.)

2. Generatepublic‐privatekeypairs:

RBT-8100# crypto generate key admin 1024

key pair generated

RBT-8100# crypto generate key eap 1024

key pair generated

RBT-8100# crypto generate key web 1024

key pair generated

3. CreateaCSR(PKCS #10objectfile)torequestanadministrativecertificate:

RBT-8100# crypto generate request admin

Country Name: US

State Name: CA

Locality Name: Cambria

Organizational Name: example

Organizational Unit: eng

Common Name: RAS-2

Note: MSS erases the OTP password entered with the crypto otp command when you enter the

crypto pkcs12 command.