
Managing private keys and certificates 315
2 Access the Certificate menu by using the /cfg/cert <cert
id> command, where <cert id> is the certificate number.
To install a new certificate, specify an unused certificate number.
To replace an installed certificate, specify the installed certificate
index number.
To view basic information about all configured certificates,
use the /info/certs command. To verify that the current
certificate number is not in use by an installed certificate, use the
/cfg/cert #/show command.
3 Import the certificate. Enter the following command:
/cfg/cert #/import
You are prompted to enter the certificate and private key import
information. If the private key has been password protected, you
are prompted for the correct password phrase as well. Table 55
"Certificate and key import information" (page 315) explains the
required parameters.
Table 55
Certificate and key import information
Parameter Description
Protocol The file import protocol. The options are TFTP,
FTP, SCP, SFTP. The default is TFTP.
Server host name
or IP address
The host name or IP address of the file
exchange server.
File name The name of the file on the file exchange
[FTP user name
and password]
For FTP, SCP, and SFTP, the user name and
password to access the file exchange server.
The default is anonymous.
For anonymous mode, the Nortel SNAS uses
the following string as the password (for logging
purposes): admin@<hostname>.isd.
[Pass phrase] If the key is password protected, the password
phrase specified when the key was created or
exported. The password phrase must be at
least four characters in length.
4 If the private key was not included in the certificate file, repeat
step 3 to import the key file, then go to step 5.
5 Apply the changes.
The certificate and private key are now fully installed.
Figure 18 "Adding a certificate and private key by importing"
(page 316) shows sample output for the /cfg/cert #/import
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks