About Keys and Certificates 417
EAP certificate—Used by the WX switch to authenticate itself to EAP
clients.
WebAAA certificate—Used by the WX switch to authenticate itself
to WebAAA clients, who use a web page served by a WX switch to
log onto the network.
Certificate authority (CA) certificates—Used by the WX switch in
addition to the certificates listed above, when those certificates are
from the CA.
The Admin, EAP, and WebAAA certificates can be generated by the WX
switch (self-signed) or generated and signed by a CA. If they are signed
by a CA, the CA’s own certificate is also required.
PKCS #7, PKCS #10,
and PKCS #12 Object
Files
Public-Key Cryptography Standards (PKCS) are encryption interface
standards created by RSA Data Security, Inc., that provide a file format for
transferring data and cryptographic information. 3Com supports the
PKCS object files listed in Table36.
Table36 PKCS Object Files Supported by 3Com
File Type Standard Purpose
PKCS #7 Cryptographic Message
Syntax Standard Contains a digital certificate signed by a
CA.
To install the certificate from a PKCS#7
file, use the crypto certificate command
to prepare MSS to receive the certificate,
then copy and paste the certificate into
the CLI.
A PKCS #7 file does not contain the public
key to go with the certificate. Before you
generate the CSR and instal the
certificate, you must generate the
public-private key pair using the crypto
generate key command.
PKCS #10 Certification Request
Syntax Standard Contains a Certificate Signing Request
(CSR), a special file with encoded
information needed to request a digital
certificate from a CA.
To generate the request, use the crypto
generate request command. Copy and
paste the results directly into a browser
window on the CA server, or into a file to
send to the CA server.