Manualshelf

Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentAltitude 3500 Series
81828384858687888990
System Configuration
Altitude 3500 Series Access Point Product Reference Guide
82
Creating a Certificate for Onboard RADIUS Authentication
The AP35xx can use its on-board RADIUS Server to generate certificates to authenticate MUs for use
with the access point. In addition, a Windows 2000 or 2003 Server is used to sign the certificate before
downloading it back to the access point’s on-board RADIUS server and loading the certificate for use
with the access point.
Both CA and Self Certificate are required for Onboard RADIUS Authentication. For information on CA
Certificates, see “Importing a CA Certificate” on page 78. Ensure the certificate is in a Base 64 Encoded
format or risk loading an invalid certificate.
CAUTION
If using the RADIUS time-based authentication feature to authenticate access point user permissions,
ensure the access point’s time is synchronized with the CA server used to generate certificate requests.
CAUTION
Self certificates can only be generated using the access point GUI and CLI interfaces. No functionality
exists for creating a self-certificate using the access point’s SNMP configuration option.
To create a self certificate for on-board RADIUS authentication:
1 Select System Configuration > Certificate Mgmt > Self Certificates from the AP35xx menu tree.
2 Click on the Add button to create the certificate request.
The Certificate Request screen displays.
3 Complete the request form with the pertinent information.
Key ID (required) Enter a logical name for the certificate to help distinguish
between certificates. The name can be up to 7 characters
in length.
Subject (required) The required Subject value contains important information
about the certificate. Contact the CA signing the certificate
to determine the content of the Subject parameter.
Department Optionally enter a value for your organizations’s
department name if needing to differentiate the certificate
from similar certificates used in other departments within
your organization.
Organization Optionally enter the name of your organization for
supporting information for the certificate request.
City Optionally enter the name of the City where the access
point (using the certificate) resides.
State Optionally enter the name of the State where the access
point (using the certificate) resides.
Postal Code Optionally enter the name of the Postal (Zip) Code where
the access point (using the certificate) resides.
Country Code Optionally enter the access point’s Country Code.
Email Enter an organizational email address (avoid using a
personal address if possible) to associate the request with
the proper requesting organization.