3com WXR100 3CRWXR10095A User Manual

C

HAPTER

 15: C

RYPTOGRAPHY

 C

OMMANDS

Installs one of the WX switch’s PKCS #7 certificates into the certificate 
and key storage area on the WX switch. The certificate, which is issued 
and signed by a certificate authority, authenticates the WX switch either 
to 3WXM or Web Manager, or to 802.1X supplicants (clients).

Syntax — 

crypto certificate  {admin | eap | web} 

PEM-formatted certificate

„

 — Stores the certificate authority’s administrative certificate, 

which authenticates the WX switch to 3WXM or Web Manager.

„

 — Stores the certificate authority’s Extensible Authentication 

Protocol (EAP) certificate, which authenticates the WX switch to 
802.1X supplicants (clients).

„

 — Stores the certificate authority’s WebAAA certificate, which 

authenticates the WX to clients who use WebAAA.

„

 — ASCII text representation of the 

PKCS #7 certificate, consisting of up to 5120 characters, that you 
have obtained from the certificate authority.

Defaults — None.

Access — Enabled.

History —Introduced in MSS Version 3.0. Webaaa option renamed to 
web in MSS Version 4.1.

Usage — To use this command, you must already have generated a 
certificate request with the crypto generate request command, sent 
the request to the certificate authority, and obtained a signed copy of the 
WX switch certificate as a PKCS #7 object file. Then do the following:

1 Open the PKCS #7 object file with an ASCII text editor such as Notepad 

or vi.

2 Enter the crypto certificate command on the CLI command line.

3 When MSS prompts you for the PEM-formatted certificate, paste the 

PKCS #7 object file onto the command line. 

The WX switch verifies the validity of the public key associated with this 
certificate before installing it, to prevent a mismatch between the WX 
switch’s private key and the public key in the installed certificate.