Filter
Top Products
Key and Certificate Configuration Scenarios 431
Installing CA-Signed
Certificates Using a
PKCS #10 Object File
(CSR) and a PKCS #7
Object File
This scenario shows how to use CSRs to install public-private key pairs,
CA-signed certificates, and CA certifies for administrative access, 802.1X
(EAP) access, and Web AAA access.
1 Set time and date parameters, if not already set. (See “Configuring and
Managing Time Parameters” on page 124.)
2 Generate public-private key pairs:
WX1200# crypto generate key admin 1024
key pair generated
WX1200# crypto generate key eap 1024
key pair generated
WX1200# crypto generate key web 1024
key pair generated
3 Create a CSR (PKCS #10 object file) to request an administrative
certificate:
WX1200# crypto generate request admin
Country Name: US
State Name: CA
Locality Name: Cambria
Organizational Name: example
Organizational Unit: eng
Common Name: WX-2
Email Address: admin@example.com
Unstructured Name: wiring closet 12
CSR for admin is
-----BEGIN CERTIFICATE REQUEST-----
MIIBdTCB3wIBADA2MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExGjAYBgNV
EXRlY2hwdWJzQHRycHouY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
...
2L8Q9tk+G2As84QYMwe9RJAjfbYM5bdWRUFiLzvK7BJgqBsCZz4DP00=
-----END CERTIFICATE REQUEST-----
4 Copy the CSR into the CA’s application.
5 Transfer the signed administrative certificate (PKCS #7 object file) from
the CA to your computer.
6 Open the signed certificate file with a text editor. Copy the entire file
from the first hyphen to the last.