3com WXR100 3CRWXR10095A User Manual
564
C
HAPTER
15: C
RYPTOGRAPHY
C
OMMANDS
crypto certificate
Installs one of the WX switch’s PKCS #7 certificates into the certificate
and key storage area on the WX switch. The certificate, which is issued
and signed by a certificate authority, authenticates the WX switch either
to 3WXM or Web Manager, or to 802.1X supplicants (clients).
and key storage area on the WX switch. The certificate, which is issued
and signed by a certificate authority, authenticates the WX switch either
to 3WXM or Web Manager, or to 802.1X supplicants (clients).
Syntax —
crypto certificate {admin | eap | web}
PEM-formatted certificate
admin
— Stores the certificate authority’s administrative certificate,
which authenticates the WX switch to 3WXM or Web Manager.
eap
— Stores the certificate authority’s Extensible Authentication
Protocol (EAP) certificate, which authenticates the WX switch to
802.1X supplicants (clients).
802.1X supplicants (clients).
web
— Stores the certificate authority’s WebAAA certificate, which
authenticates the WX to clients who use WebAAA.
PEM-formatted certificate
— ASCII text representation of the
PKCS #7 certificate, consisting of up to 5120 characters, that you
have obtained from the certificate authority.
have obtained from the certificate authority.
Defaults — None.
Access — Enabled.
History —Introduced in MSS Version 3.0. Webaaa option renamed to
web in MSS Version 4.1.
web in MSS Version 4.1.
Usage — To use this command, you must already have generated a
certificate request with the crypto generate request command, sent
the request to the certificate authority, and obtained a signed copy of the
WX switch certificate as a PKCS #7 object file. Then do the following:
certificate request with the crypto generate request command, sent
the request to the certificate authority, and obtained a signed copy of the
WX switch certificate as a PKCS #7 object file. Then do the following:
1 Open the PKCS #7 object file with an ASCII text editor such as Notepad
or vi.
2 Enter the crypto certificate command on the CLI command line.
3 When MSS prompts you for the PEM-formatted certificate, paste the
PKCS #7 object file onto the command line.
The WX switch verifies the validity of the public key associated with this
certificate before installing it, to prevent a mismatch between the WX
switch’s private key and the public key in the installed certificate.
certificate before installing it, to prevent a mismatch between the WX
switch’s private key and the public key in the installed certificate.