Manualshelf

Hub/Switch Reference Guide

ManualsBrandsNortel Networks ManualsSwitch2300 Series
471472473474475476477478479480
480 Cryptography Commands
NN47250-100 (Version 02.51)
crypto ca-certificate
Installs a certificate authority’s own PKCS #7 certificate into the WSS certificate and key storage area.
Syntax
crypto ca-certificate {admin | eap | web} PEM-formatted-certificate
Defaults
None.
Access
Enabled.
History
Usage
The Privacy-Enhanced Mail protocol (PEM) format is used for representing a PKCS #7 certificate in
ASCII text. PEM uses base64 encoding to convert the certificate to ASCII text, then puts the encoded text
between the following delimiters:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
To use this command, you must already have obtained a copy of the certificate authority’s certificate as a PKCS #7
object file. Then do the following:
1 Open the PKCS #7 object file with an ASCII text editor such as Notepad or vi.
2 Enter the crypto ca-certificate command on the CLI command line.
3 When WSS Software prompts you for the PEM-formatted certificate, paste the PKCS #7 object file onto
the command line.
Examples
The following command adds the certificate authority’s certificate to WSS certificate and key
storage:
WSS# crypto ca-certificate admin
Enter PEM-encoded certificate
-----BEGIN CERTIFICATE-----
MIIDwDCCA2qgAwIBAgIQL2jvuu4PO5FAQCyewU3ojANBgkqhkiG9wOBAQUFADCB
admin Stores the certificate authority’s certificate that signed the administrative
certificate for the WSS.
The administrative certificate authenticates the WSS to WLAN
Management Software or Web View.
eap Stores the certificate authority’s certificate that signed the Extensible
Authentication Protocol (EAP) certificate for the WSS.
The EAP certificate authenticates the WSS to 802.1X supplicants (clients).
web Stores the certificate authority’s certificate that signed the Web-based AAA
certificate for the WSS.
The Web certificate authenticates the WSS to clients who use Web-based
AAA.
PEM-formatted-
certificate
ASCII text representation of the certificate authority PKCS #7 certificate,
consisting of up to 5120 characters that you have obtained from the
certificate authority.
Version 4.1 webaaa option renamed to web