3Com WX2200 3CRWX220095A Switch User Manual


 
Key and Certificate Configuration Scenarios 429
WX1200# display crypto certificate web
Certificate:
Version: 3
Serial Number: 999 (0x3e7)
Subject: C=US, ST=CA, L=PLEAS, O=Mycorp, OU=SQA,
CN=BOBADMIN/emailAddress=BOBADMIN, unstructuredName=BOB
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=CA, L=PLEAS, O=Mycorp, OU=SQA,
CN=BOBADMIN/emailAddress=BOBADMIN, unstructuredName=BOB
Validity:
Not Before: Oct 19 02:02:02 2004 GMT
Not After : Oct 19 02:02:02 2005 GMT
Installing CA-Signed
Certificates from
PKCS #12 Object Files
This scenario shows how to use PKCS #12 object files to install
public-private key pairs, CA-signed certificates, and CA certifies for
administrative access, 802.1X (EAP) access, and Web AAA access.
1 Set time and date parameters, if not already set. (See “Configuring and
Managing Time Parameters” on page 124.)
2 Obtain PKCS #12 object files from a certificate authority.
3 Copy the PKCS #12 object files to nonvolatile storage on the WX. Use the
following command:
copy tftp://filename local-filename
For example, to copy PKCS #12 files named 2048admn.p12,
20481x.p12, and 2048web.p12 from the TFTP server at the address
192.168.253.1, type the following commands:
WX1200# copy tftp://192.168.253.1/2048admn.p12 2048admn.p12
success: received 637 bytes in 0.253 seconds [ 2517
bytes/sec]
WX1200# copy tftp://192.168.253.1/20481x.p12 20481x.p12
success: received 637 bytes in 0.253 seconds [ 2517
bytes/sec]
WX1200# copy tftp://192.168.253.1/2048web.p12 2048web.p12
success: received 637 bytes in 0.253 seconds [ 2517
bytes/sec]
4 Enter the one-time passwords (OTPs) for the PKCS #12 object files. The
OTP protects the PKCS #12 file.
To enter a one-time password, use the following command:
crypto otp {admin | eap | web} one-time-password