Allied Telesis AT-S63 User Manual

Page 806

background image

Chapter 34: PKI Certificates and SSL

806

Section IX: Management Security

9. Enter the ID number of the encryption key that you want to use to

create this certificate. The encryption key must already exist on the
switch. (If you have forgotten the key ID number, return to the Key
Management menu to view the keys on the switch.) The value can be
from 0 to 65,535.

10. Type 3 to select Format to choose the encoding format for the

certificate. The possible options are:

DER - Indicates the certificate contents are in a binary format. This is
the default.

PEM - Indicates the certificate are in the Privacy Enhanced Mail (PEM)
format which is an ASCII format.

11. Type 4 to select Serial Number.

The following prompt is displayed:

Enter certificate serial number->[0 to 2147483647] -> 0

12. Enter a value between 0 and 2,147,483,647.

Self-signed certificates are usually assigned a serial number of 0.

13. Type 5 to select Subject DN and enter a distinguished name for the

certificate. (Do not enclose the distinguished name in quotes.)

Note

If you did not enter a distinguished name in step 2, then you need to
enter one here. A certificate must have a distinguished name. For
further information, refer to “Distinguished Names” on page 793. If
you enter a name both here and in Step 2, the certificate will contain
the name entered here.

14. Type 6 to select Create Self-Signed Certificate.

The following prompt is displayed:

Please wait while certificate is generated...Done!

15. Press any key.

The X509 Certificate Management menu is displayed again.

The certificate is automatically saved in the AT-S63 file system. You do
not need to return to the Main Menu to permanently save the new
certificate.

16. Go to the next procedure to add the certificate to the certificate

database.