Nortel Networks 4050 Manuel D’Utilisation

Chapter 11 Managing certificates 571

Nortel Secure Network Access Switch 4050 User Guide

 

You can install new certificates or import or renew existing certificates.

The Nortel SNAS 4050 supports importing, saving, and exporting private keys 
and certificates in a number of standard formats. 

 summarizes the 

supported formats.

Note: The Nortel SNAS 4050 supports keys and certificates created by 
using Apache-SSL, OpenSSL, or Stronghold SSL. However, for greater 
security, Nortel recommends creating keys and generating certificate 
signing requests from within the Nortel SNAS 4050 system using the 
CLI or SREM. This way, the encrypted private key never leaves the 
Nortel SNAS 4050 and is invisible to the user.

Supported key and certificate formats (Sheet 1 of 2)

PEM*

Yes

Yes

Encrypts the private key. Combines the private key and 
certificate in the same file.

DER

Yes

Yes

Does not encrypt the private key. Allows you to store 
the private key and certificate in separate files.

NET

Yes

Yes

Encrypts the private key. Allows you to store the 
private key and certificate in separate files.

PKCS12

(also known as PFX)

Yes

Yes

Encrypts the private key. Combines the private key and 
certificate in the same file. Most browsers allow 
importing a combined key and certificate file in the 
PKCS12 format.

PKCS7

Yes

No

Certificate only.

PKCS8

Yes

No

Key only (used in WebLogic).

MS IIS 4

Yes

No

Key only (proprietary format).

*You must use the PEM format when: 

•

you save keys and certificates by copying

•

you add a key or certificate by pasting