Chapter 34: PKI Certificates and SSL
612 Section IX: Management Security
Creating a Self-signed Certificate
This section contains the procedure for creating a self-signed certificate.
Please review the following before you perform the procedure:
For a general review of all the steps to configuring the switch for a self-
signed certificate, refer to “General Steps for a Self-signed Certificate”
on page 593.)
The switch’s time and date must be set before you create a certificate.
You can set this manually or you can configure the switch to obtain the
date and time from an SNTP server on your network. For instructions,
refer to “Setting the System Time” on page38.
You must generate an encryption key pair before creating a certificate.
For instructions, refer to “Creating an Encryption Key” on page 596.
During this procedure you are prompted to enter the ID number of the
encryption key pair to be used to create the certificate. If you have
forgotten the ID number of the key, refer to “Creating an Encryption
Key” on page 596 to view key ID numbers.
To create a self-signed certificate, perform the following procedure:
1. From the Main Menu, type 7 to select Security and Services.
2. From the Security and Services menu, type 7 to select Keys/
Certificates Configuration.
The Keys/Certificates Configuration menu is shown in Figure 221 on
page 596.
You can specify the distinguished name for the certificate from this
menu by selecting option 1, Distinguished Name, in the Keys/
Certificates Configuration menu and entering the name. Or, you can
wait and specify the distinguished name later in this procedure.
3. From the Keys/Certificate menu, type 3 to select Public Key
Infrastructure (PKI) Configuration.