Chapter 34: PKI Certificates and SSL
630 Section IX: Management Security
Installing CA Certificates onto a SwitchThis section lists the procedures to perform for a certificate from a public
or private CA. It should be noted that a CA generated certificate will
consist of several certificates, with a minimum of two. All the certificates
from the CA must be installed on the switch and loaded into the certificate
database.
Note
A certificate from a CA can only be used on the switch where you
created the encryption key pair and enrollment request. Do not
install the certificate on any other switch.
To install CA certificates on a switch, perform the following procedure:
1. Download the certificates from your management station or FTP
server to the AT-S63 file system on the switch. For instructions, refer
to “Downloading a System File” on page 182.
2. Load the certificates into the certificate database. For instructions,
refer to “Adding a Certificate to the Database” on page 616.
3. Activate HTTPS on the switch by configuring the web server and
specifying the key pair used to create the enrollment request as the
active key pair. For instructions, refer to “Configuring the Web Server”
on page 590.