Support User Manuals

Alcatel-Lucent 8950 AAA Computer Accessories User Manual

Open as PDF

of 476

Procedures for Creating Certificates8950 AAA Certificate Manager

............................................................................................................................................................................................................................................................

365-360-001R6.0

Issue 1, December 2008

22-19

............................................................................................................................................................................................................................................................

Generating a Server Certificate

Important!

You must have a server certificate for certain EAP types, for example:

EAP-TLS, EAP-TTLS, EAP-PEAP.

1. If the aaa-cert GUI is not open, from the 8950 AAA bin directory, type:

./aaa-cert -gui

2. From the GUI select Server Certificate and click Next >

3. Enter a Common Name for your server certificate, for example, MyServerCert.

4. Enter your country if it is other than the US.

5. Enter the number of days to specify the validity of the certificate.

6. Add any additional information and click Next >

7. Enter the GNS name and click Next >

8. Enter the root file name and the password used to encrypt the root certificate private

key.

9. Enter the password for encrypting the server certificate private key.

Important! Record the password in a safe place. You will need it to generate server

and client certificates.

10. Click Next >

11. Enter the name of the root certificate file. See “Generating a Root Certificate” on

page 18.

12. Enter a name for the server certificate file you are creating, or accept the defaults, and

click Next >

13. The contents of the certificate are displayed for your review. It is not necessary to

record this information; it will be included in the file.

14. Click Generate Another Certificate to create a client certificate

OR

click Close to terminate the aaa-cert application.

Generating a Client Certificate

Important!

You must have a client certificate for certain EAP types, for example:

EAP-TLS, EAP-TTLS, EAP-PEAP.

1. If the aaa-cert GUI is not open, from the 8950 AAA bin directory type:

./aaa-cert -gui

2. From the GUI select Client Certificate and click Next >

3. Enter a Common Name for your client certificate, for example, MyClientCert.

4. Enter your country if it is other than the US.

previous next