Nortel Networks NN47250-500 User Manual

530 Managing keys and certificates
NN47250-500 (Version 03.01)
Installing a key pair and certificate from a PKCS #12 object file
PKCS object files provide a file format for storing and transferring data and cryptographic information. 
(For more information, se
.) A PKCS #12 
object file, which you obtain from a CA, includes the private key, a certificate, and optionally the CA’s own 
certificate. 
After transferring the PKCS #12 file from the CA via FTP and generating a one-time password to unlock it, 
you store the file in the WSS switch’s certificate and key store. To set and store a PKCS #12 object file, follow 
these steps:
1. Copy the PKCS #12 object file to nonvolatile storage on the WSS. Use the following command:
   copy tftp://filename local-filename
2. Enter a one-time password (OTP) to unlock the PKCS #12 object file. The password must be 
   the same as the password protecting the PKCS #12 file. 
   The password must contain at least 1 alphanumeric character, with no spaces, and must not 
   include the following characters:
   - Quotation marks (““)
   - Question mark (?)
   - Ampersand (&)
   To enter the one-time password, use the following command:
   crypto otp {admin | eap | web} one-time-password
3. Unpack the PKCS #12 object file into the certificate and key storage area on the WSS. Use the 
   following command:
   crypto pkcs12 {admin | eap | web} filename
   The filename is the location of the file on the WSS. 
Note. On a WSS that handles communications to or from Microsoft Windows 
clients, use a one-time password of 31 characters or fewer.
Note. WSS Software erases the OTP password entered with the crypto otp 
command when you enter the crypto pkcs12 command.
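Because the OTP must match the password that protects the PKCS #12 file, the password rules in step 2 and the Windows-client note have to be satisfied when the file is created at the CA. The following pre-check is an added example, not part of the Nortel manual or WSS Software; the function name check_wss_otp and the sample passwords are constructed here. It assumes "alphanumeric" means ASCII letters and digits, "spaces" means any whitespace, and "quotation marks" means straight or curly double quotes.

```python
import string

# Characters the manual says the one-time password must not include.
# Assumption: "quotation marks" covers straight and curly double quotes.
FORBIDDEN = {
    '"': "quotation mark",
    "\u201c": "quotation mark",
    "\u201d": "quotation mark",
    "?": "question mark",
    "&": "ampersand",
}
WINDOWS_MAX_LEN = 31  # from the note about Microsoft Windows clients
ASCII_ALNUM = set(string.ascii_letters + string.digits)  # assumed meaning of "alphanumeric"


def check_wss_otp(password, windows_clients=False):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    if not any(ch in ASCII_ALNUM for ch in password):
        problems.append("needs at least 1 alphanumeric character")
    # Assumption: any whitespace (tab, newline) is treated like a space.
    if any(ch.isspace() for ch in password):
        problems.append("contains a space")
    # Report each forbidden character class once, in a stable order.
    for name in sorted({FORBIDDEN[ch] for ch in password if ch in FORBIDDEN}):
        problems.append("contains a forbidden character: " + name)
    if windows_clients and len(password) > WINDOWS_MAX_LEN:
        problems.append(
            "is %d characters; use %d or fewer for Windows clients"
            % (len(password), WINDOWS_MAX_LEN)
        )
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, not taken from the manual.
    for candidate in ["Tr4peze-Key!", "pass word", 'a"b?c&d', "x" * 32]:
        result = check_wss_otp(candidate, windows_clients=True)
        print(repr(candidate), "->", result or "OK")
```

Run the check on the password before it is used to protect the PKCS #12 file, so that a rejected value does not force a second export from the CA.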