Managing certificate authority (ca) certificates, Importing a ca certificate – Brocade Mobility 7131N-FGR Access Point Product Reference Guide (Supporting software release 4.0.0.0-35GRN and later) User Manual
Page 81
Brocade Mobility 7131N-FGR Product Reference Guide
69
53-1001947-01
Managing certificate authority (CA) certificates
4
Managing certificate authority (CA) certificates
Certificate management includes the following sections:
•
•
Creating self certificates for accessing the VPN
Importing a CA certificate
A certificate authority (CA) is a network authority that issues and manages security credentials and
public keys for message encryption. The CA signs all digital certificates that it issues with its own
private key. The corresponding public key is contained within the certificate and is called a CA
certificate. A browser must contain this CA certificate in its Trusted Root Library so it can trust
certificates “signed” by the CA's private key.
Depending on the public key infrastructure, the digital certificate includes the owner's public key,
the certificate expiration date, the owner's name and other public key owner information.
The Brocade Mobility 7131N-FGR Access Point can import and maintain a set of CA certificates to
use as an authentication option for Virtual Private Network (VPN) access. To use the certificate for
a VPN tunnel, define a tunnel and select the IKE settings to using DES certificates. For additional
information on configuring VPN tunnels, see
CAUTION
Loaded and signed CA certificates will be lost when changing the access point’s firmware version
using either the GUI or CLI. After a certificate has been successfully loaded, export it to a secure
location to ensure its availability after a firmware update.
If restoring the access point’s factory default firmware, you must export the certificate file
BEFORE restoring the access point’s factory default configuration. Import the file back after the
updated firmware is installed. For information on using the access point CLI to import and export
the access point’s configuration, see
“BR7131N>admin(system.cmgr)> impcert”
and
“BR7131N>admin(system.cmgr)> expcert”
Refer to your network administrator to obtain a CA certificate to import into the Brocade Mobility
7131N-FGR Access Point.
NOTE
Verify the Brocade Mobility 7131N-FGR Access Point device time is synchronized with an NTP server
before importing a certificate to avoid issues with conflicting date/time stamps. For more
information, see
“Configuring Network Time Protocol (NTP)”
To import a CA certificate: