Hub/Switch Reference Guide
479
Nortel WLAN—Security Switch 2300 Series Command Line Reference
Cryptography Commands
A digital certificate is a form of electronic identification for computers. The WSS requires digital certificates to authen-
ticate its communications to WLAN Management Software and Web View, to Web-based AAA clients, and to
Extensible Authentication Protocol (EAP) clients for which the WSS performs all EAP processing. Certificates can be
generated on the WSS or obtained from a certificate authority (CA). Keys contained within the certificates allow the
WSS, its servers, and its wireless clients to exchange information secured by encryption.
This chapter presents cryptography commands alphabetically. Use the following table to locate commands in this
chapter based on their use.
Note. If the switch does not already have certificates, WSS Software automatically
generates the missing ones the first time you boot using WSS Software Version 4.1 or later.
You do not need to install certificates unless you want to replace the ones automatically
generated by WSS Software. (For more information, see the “Certificates Automatically
Generated by WSS Software” section in the “Managing Keys and Certificates” chapter of the
Nortel WLAN Security Switch 2300 Series Configuration Guide.)
Note. Before installing a new certificate, verify with the show timedate and show
timezone commands that the WSS is set to the correct date, time, and time zone.
Otherwise, certificates might not be installed correctly.
Encryption Keys crypto generate key on page 472
show crypto key domain on page 481
show crypto key ssh on page 481
PKCS #7 Certificates crypto generate request on page 473
crypto ca-certificate on page 470
show crypto ca-certificate on page 479
crypto certificate on page 471
show crypto certificate on page 480
PKCS #12 Certificate crypto otp on page 476
crypto pkcs12 on page 477
Self-Signed Certificate crypto generate self-signed on page 475