Generating an enrollment request, Ained in “generating an – Allied Telesis AT-S62 User Manual

Chapter 32: PKI Certificates and SSL

730

Section VII: Management Security

Generating an Enrollment Request

To request a certificate from a public or private CA, you need to generate
an enrollment request. The request contains the public key for the
certificate, a distinguished name, and other information. The request is
stored as a file with a “.csr” extension in the AT-S62 file system, from
where you can upload it onto your management workstation or FTP server
for submission to the CA.

Please review the following before performing the procedure:

ˆ

You must generate an encryption key pair before creating an
enrollment request. For instructions, refer to “Creating an Encryption
Key” on page 695.

ˆ

During this procedure you are prompted to enter the ID number of the
encryption key pair to be used to create the enrollment request. If you
do not know the ID number, refer to “Creating an Encryption Key” on
page 695 to view the key ID numbers.

ˆ

For a review of all the steps to creating an enrollment request and
downloading a CA certificate onto a switch, refer to “General Steps for
a Public or Private CA Certificate” on page 685.

To generate an enrollment request, perform the following procedure:

1. From the Main Menu, type 7 to select Security and Services.

2. From the Security and Services menu, type 7 to select the Keys/

Certificates Configuration menu.

3. From the Keys/Certificates Configuration menu, type 1 to select Switch

Distinguished Name (DN) and, when prompted, enter a name. An
enrollment request must have a distinguished name. For information,
refer to “Distinguished Names” on page 707.

4. From the Keys/Certificates Configuration menu, type 3 to select Public

Key Infrastructure (PKI) Configuration.

The Public Key Infrastructure (PKI) Configuration menu is shown in
Figure 243 on page 719.