10: Security Settings
PremierWave XN User Guide 70
Certificate and Key Generation
The PremierWave XN can generate self signed certificates and their corresponding keys. This can
be done for both the rsa and dsa certificate formats. Certificates can be identified on the
PremierWave XN by a name provided at generation time.
Table 10-5 Certificate and Key Generation Settings
To Create a New Credential
Using Web Manager
To create a new credential, gclick SSL in the menu and select Credentials.
Using the CLI
To enter the SSL command level: enable -> ssl
To enter the Credentials command level: enable -> ssl -> credentials
Certificate Generation
Settings
Description
Country (2 Letter Code) Enter the 2-letter country code to be assigned to the new self-signed
certificate.
Examples: US for United States and CA for Canada
State/Province Enter the state or province to be assigned to the new self-signed certificate.
Locality (City) Enter the city or locality to be assigned to the new self-signed certificate.
Organization Enter the organization to be associated with the new self-signed certificate.
Organization Unit Enter the organizational unit to be associated with the new self-signed
certificate.
Common Name Enter the common name to be associated with the new self signed
certificate. Note that this is a required field.
Expires Enter the expiration date, in mm/dd/yyyy format, for the new self-signed
certificate.
Example: An expiration date of May 9, 2012 is entered as 05/09/2012.
Key length Select the bit size of the new self-signed certificate. Choices are:
512 bits
768 bits
1024 bits
2048 bits
The larger the bit size, the longer it takes to generate the key.
Type Select the type of key:
RSA = Public-Key Cryptography algorithm based on large prime
numbers, invented by Rivest Shamir and Adleman. Used for encryption
and signing.
DSA = Digital Signature Algorithm also based on large prime numbers,
but can only be used for signing. Developed by the US government to
avoid the patents on RSA.