3Com WX2200 3CRWX220095A Switch User Manual


 
Key and Certificate Configuration Scenarios 427
Key and Certificate
Configuration
Scenarios
The first scenario shows how to generate self-signed certificates. The
second scenario shows how to install CA-signed certificates using
PKCS #12 object files, and the third scenario shows how to install
CA-signed certificates using CSRs (PKCS #10 object files) and PKCS #7
object files.
(For SSH configuration information, see “Managing SSH” on page 113.)
Creating Self-Signed
Certificates
To manage the security of the WX switch for administrative access by
3Com Wireless Switch Manager and Web Manager, and the security of
communication with 802.1X users and Web AAA users, create Admin,
EAP, and Web AAA public-private key pairs and self-signed certificates.
Follow these steps:
1 Set time and date parameters, if not already set. (See “Configuring and
Managing Time Parameters” on page 124.)
2 Generate public-private key pairs:
WX1200# crypto generate key admin 1024
key pair generated
WX1200# crypto generate key eap 1024
key pair generated
WX1200# crypto generate key web 1024
key pair generated
3 Generate self-signed certificates:
WX1200# crypto generate self-signed admin
Country Name: US
State Name: CA
Locality Name: San Francisco
Organizational Name: example
Organizational Unit: IT
Common Name: WX 6
Email Address: admin@example.com
Unstructured Name: WX in wiring closet 4
success: self-signed cert for admin generated
WX1200# crypto generate self-signed eap
Country Name: US
State Name: CA
Locality Name: San Francisco
Organizational Name: example
Organizational Unit: IT
Common Name: WX 6
Email Address: admin@example.com