Operation Manual

ManualsBrandsTrapeze smart mobile ManualsSoftwareMobility System Software 7.3

421

422

423

424

425

426

427

428

429

430

Cryptography Commands

Mobility System Software Command Reference Guide

Version 7.3

16 – 416

Defaults

None.

Access

Enabled.

History

Usage

The password allows the public-private key pair and certificate to be installed together

from the same PKCS #12 object file. MSS erases the one-time password after processing the

crypto pkcs12 command or when you reboot the MX.

Trapeze Networks recommends that you create a password that is memorable to you but is not

subject to easy guesses or a dictionary attack. For best results, create a password of alphanumeric

uppercase and lowercase characters.

Examples

The following command creates the one-time password hap9iN#ss for installing an

EAP certificate and key pair:

MX# crypto generate otp eap hap9iN#ss

OTP set

See Also

crypto pkcs12 on page 16-416

crypto pkcs12

Unpacks a PKCS #12 object file into the certificate and key storage area on the MX. This object

file contains a public-private key pair, an MX certificate signed by a certificate authority, and the

certificate authority’s certificate.

Syntax

crypto pkcs12 {admin | eap | web} file-location-url

web Creates a one-time password for installing a PKCS #12 object file for a WebAAA

certificate and key pair—and optionally the certificate authority’s own

certificate—to authenticate the MX to WebAAA clients.

one-time-password Password of at least 1 alphanumeric character, with no spaces, for clients other

than Microsoft Windows clients. The password must be the same as the

password protecting the PKCS #12 object file.

Note: On an MX providing communication to and from Microsoft

Windows clients, use a one-time password of 31 characters or fewer.

The following characters cannot be used as part of the one-time password of a

PKCS #12 file:

❑ Quotation marks (“ ”)

❑ Question mark (?)

❑ Ampersand (&)

Version 1.0 Command introduced

Version 3.0 webaaa option added

Version 4.1 webaaa option renamed to web

admin Unpacks a PKCS #12 object file for an administrative certificate and key pair—

and optionally the certificate authority’s own certificate—for authenticating the

MX to RingMaster or Web View.

eap Unpacks a PKCS #12 object file for an EAP certificate and key pair—and

optionally the certificate authority’s own certificate—for authenticating the MX

to 802.1X supplicants (clients).