52 CHAPTER 3: CONFIGURING A WX SWITCH FOR BASIC SERVICE
To install a CA’s certificate:
1 Request a copy of the CA certificate as a PKCS #7 object file from the CA,
then open the file with an ASCII text editor (such as Notepad) or a
browser.
2 Type the crypto ca-certificate admin command.
3 After the prompt, copy and paste the PKCS #7 object file into the CLI. For
example:
WX1200# crypto ca-certificate admin
Enter PEM-encoded certificate
-----BEGIN CERTIFICATE-----
MIIDwDCCA2qgAwIBAgIQL2jvuu4P05FAQI
CyewU3ojANBgkqhkiG9w0BAQUFADCB
mzErMCkGCSqGSIb3DQEJARYcYWRtaW5
pc3RyYXRvckB0cmFwZXplc3FhLmNvbTEL
...
RGpOeQ==
-----END CERTIFICATE-----
Displaying Certificate Information
Use the following command to display administrative certificate
information:
display crypto certificate admin
This command displays the following information about the certificate:
■ X.509 version number
■ Serial number
■ Subject (the certificate holder’s identifying information)
■ Signature algorithm used by the signer of the certificate
■ Issuer information (CA information, unless the certificate is
self-signed)
■ Period during which the certificate is valid
Installing a Server
Certificate for
Network Users
To use an 802.1X authentication protocol that includes local EAP
processing on a WX switch, the switch must have a server certificate. You
can generate a certificate on the switch itself or install a certificate
To Next Page
Loading...
