Filter
Top Products
Overview 299
Table 53
Supported key and certificate formats (cont’d.)
Format
Import/Add Export/Save Comment
Netsca
pe Ent
erprise
Server
Yes No Key only (proprietary format). Requires conversion. For
information about the conversion tool, contact Nortel
Technical Support (see “How to get help” (page 21)).
iPlanet
Server
Yes No Key only (proprietary format). Requires conversion. For
information about the conversion tool, contact Nortel
Technical Support (see “How to get help” (page 21)).
Creating certificates
The basic steps to create a new certificate are:
Step Action
1 Generate a Certificate Signing Request (CSR) (see “Generating
and submitting a CSR” (page 305)).
2 Send the CSR to a Certificate Authority (CA), such as Entrust
or VeriSign, for certification (see “Generating and submitting a
CSR” (page 305)).
3 Install the signed certificate on the Nortel SNAS cluster (see
“Installing certificates and keys” (page 299)).
4 Map the installed certificate to the Nortel SNAS portal server
(see “Configuring SSL settings” (page 102)).
--End--
Installing certificates and keys
There are two ways to install a certificate and key in the Nortel SNAS
cluster:
• by pasting (see “Adding a certificate to the Nortel SNAS ” (page 310))
• by importing from a TFTP/FTP/SCP/SFTP server (see “Importing
certificates and keys into the Nortel SNAS ” (page 314))
When you generate the CSR, the private key is created and stored in
encrypted form on the Nortel SNAS using the specified certificate number.
After you receive the certificate, which contains the corresponding public
key, use the same certificate number when you add the certificate to
the Nortel SNAS. Otherwise, the private key and the public key in the
certificate will not match.
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks
.