Operation Manual
Cryptography Commands
web                 Unpacks a PKCS #12 object file for a WebAAA certificate and key pair—and
                    optionally the certificate authority’s own certificate—for authenticating the MX
                    switch to WebAAA clients.
file-location-url   Location of the PKCS #12 object file to be installed. Specify a location of between
                    1 and 128 alphanumeric characters, with no spaces.
Defaults
The password you enter with the crypto otp command must be the same as the one
protecting the PKCS #12 file.
Access
Enabled.
History
Version 1.0   Command introduced
Version 3.0   webaaa option added
Version 4.1   webaaa option renamed to web
Usage
To use this command, you must have already created a one-time password with the crypto
otp command.
You must also have the PKCS #12 object file available. You can download a PKCS #12 object file
via TFTP from a remote location to the local nonvolatile storage system on the MX.
Examples
The following commands copy a PKCS #12 object file for an EAP certificate and key
pair—and optionally the certificate authority’s certificate—from a TFTP server to nonvolatile
storage on the MX, create the one-time password hap9iN#ss, and unpack the PKCS #12 file:
MX# copy tftp://192.168.253.1/2048full.p12 2048full.p12
success: received 637 bytes in 0.253 seconds [ 2517 bytes/sec]
MX# crypto otp eap hap9iN#ss
OTP set
MX# crypto pkcs12 eap 2048full.p12
Unwrapped from PKCS12 file:
keypair
device certificate
CA certificate
See Also
crypto otp on page 16-415

show crypto ca-certificate
Displays information about the certificate authority’s PEM-encoded PKCS #7 certificate.
Syntax
show crypto ca-certificate {admin | eap | web}
admin   Displays information about the certificate authority’s certificate that signed the administrative
        certificate for the MX.
        The administrative certificate authenticates the MX to RingMaster or Web View.
eap     Displays information about the certificate authority’s certificate that signed the Extensible
        Authentication Protocol (EAP) certificate for the MX.
        The EAP certificate authenticates the MX to 802.1X supplicants (clients).
web     Displays information about the certificate authority’s certificate that signed the WebAAA
        certificate for the MX.
        The WebAAA certificate authenticates the MX to WebAAA clients.
Defaults
None.
Access
Enabled.
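For the crypto pkcs12 unpacking procedure and the CA-signed-certificate relationship that show crypto ca-certificate reports on, the following workstation-side check is an added example, not part of the manual or the vendor's tooling. It confirms that the intended one-time password opens the PKCS #12 file, lists the components the MX should report unwrapping, and checks that the bundled CA certificate signed the device certificate. It assumes the openssl CLI is installed; the function names and the sample bundle it builds are constructed for illustration.

```shell
#!/bin/sh
# Added example: workstation-side check of a PKCS #12 bundle before upload.
# Assumes the openssl CLI is installed; every function name is hypothetical.

# p12_pem FILE PASSWORD OPTS...  PEM dump of the selected objects. The
# password is passed in the environment, not on the command line.
p12_pem() {
    _f=$1; _pw=$2; shift 2
    P12_PW="$_pw" openssl pkcs12 -in "$_f" -passin env:P12_PW "$@" 2>/dev/null
}

# One line per component, with the labels the MX prints after unpacking.
# Returns 1 when PASSWORD does not open FILE.
p12_contents() {
    p12_pem "$1" "$2" -nokeys >/dev/null || return 1
    p12_pem "$1" "$2" -nocerts -nodes | grep -q 'PRIVATE KEY-----' && echo "keypair"
    p12_pem "$1" "$2" -nokeys -clcerts | grep -q 'BEGIN CERT' && echo "device certificate"
    p12_pem "$1" "$2" -nokeys -cacerts | grep -q 'BEGIN CERT' && echo "CA certificate"
    return 0
}

# Succeeds only if the device certificate verifies against the bundled CA
# certificate; -CApath is set so the default CA directory is not searched.
p12_ca_signed_device() {
    _d=$(mktemp -d) || return 1
    p12_pem "$1" "$2" -nokeys -cacerts >"$_d/ca.pem"
    p12_pem "$1" "$2" -nokeys -clcerts | openssl x509 >"$_d/dev.pem" 2>/dev/null
    openssl verify -CAfile "$_d/ca.pem" -CApath "$_d" "$_d/dev.pem" >/dev/null 2>&1
    _rc=$?; rm -rf "$_d"; return $_rc
}

# Builds a constructed sample bundle: throwaway CA, device cert signed by it.
make_sample_p12() {
    _out=$1; _pw=$2; _mode=${3:-full}; _s=$(mktemp -d) || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed CA" \
        -keyout "$_s/ca.key" -out "$_s/ca.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=constructed-mx" \
        -keyout "$_s/dev.key" -out "$_s/dev.csr" 2>/dev/null
    openssl x509 -req -in "$_s/dev.csr" -CA "$_s/ca.pem" -CAkey "$_s/ca.key" \
        -CAcreateserial -days 1 -out "$_s/dev.pem" 2>/dev/null
    set -- -export -inkey "$_s/dev.key" -in "$_s/dev.pem" -out "$_out"
    [ "$_mode" = noca ] || set -- "$@" -certfile "$_s/ca.pem"
    P12_PW="$_pw" openssl pkcs12 "$@" -passout env:P12_PW; _rc=$?
    rm -rf "$_s"; return $_rc
}

# Demo on the constructed bundle, using the OTP from the manual's example.
b=$(mktemp) && make_sample_p12 "$b" 'hap9iN#ss' && p12_contents "$b" 'hap9iN#ss'
p12_ca_signed_device "$b" 'hap9iN#ss' && echo "CA signed device certificate"; rm -f "$b"
```

A bundle exported without the CA certificate lists only the first two components, matching the manual's note that the CA certificate is optional in the PKCS #12 file.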