384 Managing Keys and Certificates
320657-A
Digital Certificates
Digital certificates bind the identity of network users and devices to a public key. Network users must authenticate their
identity to those with whom they communicate, and must be able to verify the identity of other users and network
devices, such as switches and RADIUS servers.
The Nortel Mobility System supports the following types of X.509 digital certificates:
• Administrative certificate—Used by the WSS to authenticate itself to WLAN Management Software or Web
View.
• EAP certificate—Used by the WSS to authenticate itself to EAP clients.
• Web-based AAA certificate—Used by the WSS to authenticate itself to Web-based AAA clients, who use a web
page served by an WSS switch to log onto the network.
• Certificate authority (CA) certificates—Used by the WSS in addition to the certificates listed above, when those
certificates are from the CA.
The Admin, EAP, and Web-based AAA certificates can be generated by the WSS (self-signed) or generated and signed
by a CA. If they are signed by a CA, the CA’s own certificate is also required.
