Hub/Switch Reference Guide
488 Cryptography Commands
NN47250-100 (Version 02.51)
Defaults
The password you enter with the crypto otp command must be the same as the one
protecting the PKCS #12 file.
Access
Enabled.
History
Usage
To use this command, you must have already created a one-time password with the crypto
otp command.
You must also have the PKCS #12 object file available. You can download a PKCS #12 object file via TFTP
from a remote location to the local nonvolatile storage system on the WSS.
Examples
The following commands copy a PKCS #12 object file for an EAP certificate and key
pair—and optionally the certificate authority’s own certificate—from a TFTP server to nonvolatile
storage on the WSS, create the one-time password hap9iN#ss, and unpack the PKCS #12 file:
WSS# copy tftp://192.168.253.1/2048full.p12 2048full.p12
success: received 637 bytes in 0.253 seconds [ 2517 bytes/sec]
WSS# crypto otp eap
hap9iN#ss
OTP set
WSS# crypto pkcs12 eap 2048full.p12
Unwrapped from PKCS12 file:
keypair
device certificate
CA certificate
See Also
crypto otp on page 476
web Unpacks a PKCS #12 object file for a Web-based AAA certificate
and key pair—and optionally the certificate authority’s own
certificate—for authenticating the WSS to Web-based AAA clients.
file-location-url Location of the PKCS #12 object file to be installed. Specify a
location of between 1 and 128 alphanumeric characters, with no
spaces.
Version 4.1 webaaa option renamed to web