Allied Telesis AT-S63 User Manual
Page 806

Chapter 34: PKI Certificates and SSL
806
Section IX: Management Security
9. Enter the ID number of the encryption key that you want to use to
create this certificate. The encryption key must already exist on the 
switch. (If you have forgotten the key ID number, return to the Key 
Management menu to view the keys on the switch.) The value can be 
from 0 to 65,535.
10. Type 3 to select Format to choose the encoding format for the
certificate. The possible options are:
DER - Indicates the certificate contents are in a binary format. This is 
the default.
PEM - Indicates the certificate are in the Privacy Enhanced Mail (PEM) 
format which is an ASCII format. 
11. Type 4 to select Serial Number.
The following prompt is displayed:
Enter certificate serial number->[0 to 2147483647] -> 0
12. Enter a value between 0 and 2,147,483,647.
Self-signed certificates are usually assigned a serial number of 0.
13. Type 5 to select Subject DN and enter a distinguished name for the
certificate. (Do not enclose the distinguished name in quotes.)
Note
If you did not enter a distinguished name in step 2, then you need to 
enter one here. A certificate must have a distinguished name. For 
further information, refer to “Distinguished Names” on page 793. If 
you enter a name both here and in Step 2, the certificate will contain 
the name entered here.
14. Type 6 to select Create Self-Signed Certificate.
The following prompt is displayed:
Please wait while certificate is generated...Done!
15. Press any key.
The X509 Certificate Management menu is displayed again.
The certificate is automatically saved in the AT-S63 file system. You do 
not need to return to the Main Menu to permanently save the new 
certificate.
16. Go to the next procedure to add the certificate to the certificate
database.
