Configuring ca certificates – Allied Telesis AT-S60 User Manual

Chapter 22: Web Server

Section V: Security Features

482

Warning

Using this command creates a certificate that is only suitable for
secure switch management via the GUI. A pop-up message appears
in the browser window warning that the certificate is not issued by
a trusted authority. For details, see Chapter 24: Web Server page
477.

6. Load self-signed switch certificate to the certificate database.

To load the signed switch certificate onto the switch, see Adding
Certificates to the Database on page 513.

Note

Make sure you have a valid IP address for your web server.

7. Enable SSL on the HTTP Web server

To enable SSL on the HTTP server with a previously created SSL
Key, use the procedure described in Configuring the Web Server
for Security Features on page 479.

Configuring CA

Certificates

To create a CA certificate, you perform many of the same steps as you
did when you created a self-signed certificate. Then you generate an
enrollment request. After you upload the enrollment request, you apply
for a certificate from a known certificate authority such as VeriSign
(www.verisign.com). Then, you use this certificate to deploy an AT-8400
Series switch on a commercial network.

To configure a CA Certificate on your switch, perform the following
procedure:

1. Login with a Manager login id.

2. Create an RSA key pair for this switch.

To create an RSA key pair, see Configuring Keys for Encryption on
page 491.

3. Set the switch’s distinguished name.

To configure a distinguished name for a switch, see Configuring
Keys for Encryption on page 491.

4. Set the Universal Coordinated Time (UTC).

To set the time, see the procedure in Setting the System Time on
page 59.

5. Generate an enrollment request.

See the procedure in Generating Enrollment Requests on page
521.