3Com WX2200 3CRWX220095A Switch User Manual


 
20
MANAGING KEYS AND
CERTIFICATES
A digital certificate is a form of electronic identification for computers.
The WX switch requires digital certificates to authenticate its
communications to 3Com Wireless Switch Manager and Web Manager,
to WebAAA clients, and to Extensible Authentication Protocol (EAP)
clients for which the WX performs all EAP processing. Certificates can be
generated on the WX or obtained from a certificate authority (CA). Keys
contained within the certificates allow the WX, its servers, and its wireless
clients to exchange information secured by encryption.
If the switch does not already have certificates, MSS automatically
generates the missing ones the first time you boot using MSS Version 4.2
or later. You do not need to install certificates unless you want to replace
the ones automatically generated by MSS. (For more information, see
“Certificates Automatically Generated by MSS” on page 418.)
Before installing a new certificate, verify with the display timedate and
display timezone commands that the WX switch is set to the correct
date, time, and time zone. Otherwise, certificates might not be installed
correctly.
Why Use Keys and
Certificates?
Certain WX switch operations require the use of public-private key pairs
and digital certificates. All 3Com Wireless Switch Manager and Web
Manager users, and users for which the WX performs IEEE 802.1X EAP
authentication or WebAAA, require public-private key pairs and digital
certificates to be installed on the WX switch.
These keys and certificates are fundamental to securing wireless, wired
authentication, and administrative connections because they support
Wi-Fi Protected Access (WPA) encryption and dynamic Wired-Equivalency
Privacy (WEP) encryption.