3Com WX4400 3CRWX440095A User Manual

Key and Certificate Configuration Scenarios

431

Installing CA-Signed

Certificates Using a

PKCS #10 Object File

(CSR) and a PKCS #7

Object File

This scenario shows how to use CSRs to install public-private key pairs,
CA-signed certificates, and CA certifies for administrative access, 802.1X
(EAP) access, and Web AAA access.

1 Set time and date parameters, if not already set. (See “Configuring and

Managing Time Parameters” on page 124.)

2 Generate public-private key pairs:

WX1200# crypto generate key admin 1024
key pair generated
WX1200# crypto generate key eap 1024
key pair generated
WX1200# crypto generate key web 1024
key pair generated

3 Create a CSR (PKCS #10 object file) to request an administrative

certificate:

WX1200# crypto generate request admin
Country Name: US
State Name: CA
Locality Name: Cambria
Organizational Name: example
Organizational Unit: eng
Common Name: WX-2
Email Address: [email protected]
Unstructured Name: wiring closet 12
CSR for admin is
-----BEGIN CERTIFICATE REQUEST-----
MIIBdTCB3wIBADA2MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExGjAYBgNV
EXRlY2hwdWJzQHRycHouY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
...
2L8Q9tk+G2As84QYMwe9RJAjfbYM5bdWRUFiLzvK7BJgqBsCZz4DP00=
-----END CERTIFICATE REQUEST-----

4 Copy the CSR into the CA’s application.

5 Transfer the signed administrative certificate (PKCS #7 object file) from

the CA to your computer.

6 Open the signed certificate file with a text editor. Copy the entire file

from the first hyphen to the last.