Managing Keys and Certificates 399
Nortel WLAN Security Switch 2300 Series Configuration Guide
Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR)
and a PKCS #7 Object File
This scenario shows how to use CSRs to install public-private key pairs, CA-signed certificates, and CA certifies for
administrative access, 802.1X (EAP) access, and Web AAA access.
1 Set time and date parameters, if not already set. (See “Configuring and Managing Time Parameters” on
page 136.)
2 Generate public-private key pairs:
23x0# crypto generate key admin 1024
key pair generated
23x0# crypto generate key eap 1024
key pair generated
23x0# crypto generate key webaaa 1024
key pair generated
3 Create a CSR (PKCS #10 object file) to request an administrative certificate:
23x0# crypto generate request admin
Country Name: US
State Name: CA
Locality Name: Cambria
Organizational Name: example
Organizational Unit: eng
Common Name: WSS-2350
Email Address: admin@example.com
Unstructured Name: wiring closet 12
CSR for admin is
-----BEGIN CERTIFICATE REQUEST-----
MIIBdTCB3wIBADA2MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExGjAYBgNVBAM
U
EXRlY2hwdWJzQHRycHouY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC
4
...
2L8Q9tk+G2As84QYMwe9RJAjfbYM5bdWRUFiLzvK7BJgqBsCZz4DP00=
-----END CERTIFICATE REQUEST-----
4 Copy the CSR into the CA’s application.
5 Transfer the signed administrative certificate (PKCS #7 object file) from the CA to your computer.
6 Open the signed certificate file with a text editor. Copy the entire file from the first hyphen to the last.
Note. You must paste the entire block, from the beginning
-----BEGIN CERTIFICATE REQUEST----- to the end
-----END CERTIFICATE REQUEST-----.
