Managing Certificate Authority (CA) Certificates, Importing a CA Certificate – Brocade Mobility 7131 Access Point Product Reference Guide (Supporting software release 4.4.0.0 and later) User Manual


53-1002517-01

11. Click Logout to securely exit the access point applet. A prompt displays confirming the logout
before the applet is closed.

Managing Certificate Authority (CA) Certificates

Certificate management includes the following sections:

Importing a CA Certificate

Creating Self Certificates for Accessing the VPN

Importing a CA Certificate

A certificate authority (CA) is a network authority that issues and manages security credentials and
public keys for message encryption. The CA signs all digital certificates that it issues with its own
private key. The corresponding public key is contained within a certificate called the CA
certificate. A browser must contain this CA certificate in its Trusted Root Library so it can trust
certificates “signed” by the CA's private key.

Depending on the public key infrastructure, the digital certificate includes the owner's public key,
the certificate expiration date, the owner's name and other public key owner information.

The Mobility 7131 Access Point can import and maintain a set of CA certificates to use as an
authentication option for Virtual Private Network (VPN) access. To use the certificate for a VPN
tunnel, define a tunnel and select the IKE settings to use either RSA or DES certificates. For
additional information on configuring VPN tunnels, see Configuring VPN Tunnels on page 6-216.

CAUTION

Loaded and signed CA certificates will be lost when changing the access point’s firmware version
using either the GUI or CLI. After a certificate has been successfully loaded, export it to a secure
location to ensure its availability after a firmware update.

If restoring the access point’s factory default firmware, you must export the certificate file
BEFORE restoring the access point’s factory default configuration. Import the file back after the
updated firmware is installed. For information on using the access point CLI to import and export
the access point’s configuration, see br7131>admin(system.cmgr)>impcert on page 8-394 and
br7131>admin(system.cmgr)>expcert on page 8-393.

Contact your network administrator to obtain a CA certificate to import into the Mobility 7131
Access Point.

NOTE

Verify the Mobility 7131 Access Point device time is synchronized with an NTP server before
importing a certificate to avoid issues with conflicting date/time stamps. For more information, see
Configuring Network Time Protocol (NTP) on page 4-100.
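
The date/time conflicts mentioned in the note can be caught on the administrator's workstation before the file is imported. The script below is an added example, not part of the Brocade guide or the access point CLI: it checks that a PEM file is a CA certificate whose validity window covers the current time, then prints the dates and SHA-256 fingerprint for comparison. The function name check_ca_cert and the 30-day margin are assumptions, and it requires openssl and GNU date.

```shell
#!/bin/sh
# Pre-import sanity check for a PEM-encoded CA certificate (added example).
# Run on an NTP-synchronized admin workstation; needs openssl and GNU date.
# Return codes: 0 ok, 1 unreadable, 2 not a CA certificate,
#               3 not yet valid, 4 expires within the required margin.
check_ca_cert() {
    cert=$1
    min_days=${2:-30}   # assumed safety margin, not a value from the manual

    # 1. The file must parse as an X.509 certificate.
    if ! openssl x509 -in "$cert" -noout 2>/dev/null; then
        echo "cannot parse $cert as a PEM certificate" >&2; return 1
    fi

    # 2. basicConstraints must mark it as a CA, otherwise it cannot
    #    anchor trust for certificates presented during IKE.
    if ! openssl x509 -in "$cert" -noout -text |
            grep -A1 'X509v3 Basic Constraints' | grep -q 'CA:TRUE'; then
        echo "$cert is not a CA certificate (no CA:TRUE)" >&2; return 2
    fi

    # 3. notBefore must already have passed; a future start date usually
    #    means a skewed clock on the issuing or checking side.
    start=$(openssl x509 -in "$cert" -noout -startdate | cut -d= -f2)
    start_s=$(date -u -d "$start" +%s) || return 1
    if [ "$start_s" -gt "$(date -u +%s)" ]; then
        echo "$cert is not valid until $start" >&2; return 3
    fi

    # 4. The certificate must stay valid for at least min_days more.
    if ! openssl x509 -in "$cert" -noout -checkend $((min_days * 86400)) >/dev/null; then
        echo "$cert expires within $min_days days" >&2; return 4
    fi

    # 5. Print the details to compare with the issuer out of band and
    #    with the access point's clock before importing.
    openssl x509 -in "$cert" -noout -subject -dates -fingerprint -sha256
}

# Usage: sh check_ca_cert.sh ca.pem [min_days]
if [ "$#" -gt 0 ]; then check_ca_cert "$@"; fi
```

Compare the printed notBefore and notAfter values with the access point's current time, and the fingerprint with the value supplied by the issuing CA's administrator.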

To import a CA certificate:

1. Select System Configuration -> Certificate Mgmt -> CA Certificates from the menu tree.