Creating certificates, Installing certificates and keys – Nortel Networks 5500 series User Manual
Page 299
Overview
299
Table 53
Supported key and certificate formats (cont’d.)
Format
Import/Add
Export/Save
Comment
Netsca
pe Ent
erprise
Server
Yes
No
Key only (proprietary format). Requires conversion. For
information about the conversion tool, contact Nortel
Technical Support (see
).
iPlanet
Server
Yes
No
Key only (proprietary format). Requires conversion. For
information about the conversion tool, contact Nortel
Technical Support (see
).
Creating certificates
The basic steps to create a new certificate are:
Step
Action
1
Generate a Certificate Signing Request (CSR) (see
and submitting a CSR” (page 305)
2
Send the CSR to a Certificate Authority (CA), such as Entrust
or VeriSign, for certification (see
3
Install the signed certificate on the Nortel SNAS cluster (see
“Installing certificates and keys” (page 299)
).
4
Map the installed certificate to the Nortel SNAS portal server
(see
“Configuring SSL settings” (page 102)
).
--End--
Installing certificates and keys
There are two ways to install a certificate and key in the Nortel SNAS
cluster:
•
by pasting (see
“Adding a certificate to the Nortel SNAS ” (page 310)
•
by importing from a TFTP/FTP/SCP/SFTP server (see
certificates and keys into the Nortel SNAS ” (page 314)
When you generate the CSR, the private key is created and stored in
encrypted form on the Nortel SNAS using the specified certificate number.
After you receive the certificate, which contains the corresponding public
key, use the same certificate number when you add the certificate to
the Nortel SNAS. Otherwise, the private key and the public key in the
certificate will not match.
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100
03.01
Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks
.