
Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual


53-1003100-01


Define the following configuration parameters required for the Import of the trustpoint:

A certificate authority (CA) is a network authority that issues and manages security credentials
and public keys for message encryption. The CA signs all digital certificates it issues with its
own private key. The corresponding public key is contained within the certificate and is called a
CA certificate.

If a certificate displays within the Certificate Management screen with a CRL, that CRL can be
imported. A certificate revocation list (CRL) is a list of revoked certificates, or certificates no longer
valid. A certificate can be revoked if the CA improperly issued a certificate, or if a private key is
compromised. The most common reason for revocation is the user no longer being in sole
possession of the private key.

Signed certificates (or root certificates) avoid the use of public or private CAs. A self-signed
certificate is an identity certificate signed by its own creator, so the certificate creator also
vouches for its legitimacy. It is therefore essential that self-signed certificates are issued
without mistakes or corruption.

Define the following configuration to import the Trustpoint from a location on the network. To do so,
select From Network and provide the following information.

Import

Select the type of Trustpoint to import. The following Trustpoints can be imported:

Import – Select to import any trustpoint.

Import CA – Select to import a Certificate Authority (CA) certificate on to the access point.

Import CRL – Select to import a Certificate Revocation List (CRL). CRLs are used to identify
and remove those installed certificates that have been revoked or are no longer valid.

Import Signed Cert – Select to import a self-signed certificate.

Trustpoint Name

Enter the 32 character maximum name assigned to the target trustpoint. The trustpoint signing the
certificate can be a certificate authority, corporation or individual.

URL

Provide the complete URL to the location of the trustpoint. This option is available by default. Click
the Advanced link next to this field to display more fields to provide detailed trustpoint location
information.

Protocol

If using Advanced settings, select the protocol used for importing the target trustpoint. Available
options include:

tftp

ftp

sftp

http

cf

usb1

usb2

Port

If using Advanced settings, use the spinner control to set the port. This option is not valid for cf,
usb1 and usb2.

IP Address

If using Advanced settings, enter the IP address of the server used to import the trustpoint. This option
is not valid for cf, usb1 and usb2.

Host

If using Advanced settings, provide the hostname of the server used to import the trustpoint. This
option is not valid for cf, usb1, and usb2.

Username/Password

These fields are enabled if using ftp or sftp protocols. Specify the username and the password for
that username to access the remote servers using these protocols.

Path/File

If using Advanced settings, specify the path to the trustpoint. Enter the complete path to the file on
the server.
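
The following pre-import check is an added example, not part of the Brocade guide or its software. It applies the field rules from the table above to a planned import and compares the certificate file's SHA-256 fingerprint with a value obtained out of band. The dictionary keys, the function names, the sample bytes and the classification of tftp, ftp and http as cleartext are assumptions made for this example.

```python
import hashlib
import hmac
import ssl

# Protocol names and field rules come from the table above.
LOCAL_MEDIA = {"cf", "usb1", "usb2"}   # Port, IP Address and Host are not valid
CREDENTIALED = {"ftp", "sftp"}         # Username/Password are enabled
PROTOCOLS = {"tftp", "ftp", "sftp", "http"} | LOCAL_MEDIA
# Assumption (general protocol behaviour, not stated in the guide):
# tftp, ftp and http carry the file without encryption or integrity protection.
CLEARTEXT = {"tftp", "ftp", "http"}

# Constructed placeholder bytes standing in for a DER certificate.
SAMPLE_DER = b"constructed placeholder, not a real certificate"
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)


def fingerprint(pem):
    """SHA-256 of the DER bytes inside a PEM certificate, as lowercase hex."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()


def check_import(cfg, pem, pinned):
    """Return a list of problems; an empty list means the import can proceed."""
    proto = cfg.get("protocol")
    if proto not in PROTOCOLS:
        return ["unknown protocol %r" % proto]
    problems = []
    if not 0 < len(cfg.get("name", "")) <= 32:
        problems.append("trustpoint name must be non-empty and at most 32 characters")
    if not cfg.get("path"):
        problems.append("path/file is required")
    if proto in LOCAL_MEDIA:
        for field in ("port", "ip", "host"):
            if cfg.get(field):
                problems.append("%s is not valid for %s" % (field, proto))
    if proto not in CREDENTIALED and (cfg.get("username") or cfg.get("password")):
        problems.append("username/password are not used with %s" % proto)
    # Compare against a fingerprint obtained out of band from the CA owner.
    expected = pinned.replace(":", "").lower()
    if not hmac.compare_digest(fingerprint(pem), expected):
        note = " (fetched over cleartext %s)" % proto if proto in CLEARTEXT else ""
        problems.append("fingerprint does not match the pinned value" + note)
    return problems
```

The fingerprint comparison works the same way on a real PEM certificate file, because only the DER bytes inside the PEM armor are hashed.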