Chapter 7: Configuring the Embedded Authentication Server (EAS)

About Certificates

Understanding Which Access Points Need Certificates

Understanding Which Certificates Are Installed by Default

Certificates encrypt communication between the internal RADIUS server, RADIUS clients, and the supplicants and HTTPS clients.

There are two types of certificates:

- The trusted certificate authority (CA) certificate (commonly referred to as the “root certificate” or “root cert”) is the public key. Trusted CA certificates can be in *.PEM format or *.CER format. They can contain several trusted CAs but should be kept to a maximum file size of 2Kb.

- The server certificate (sometimes referred to as the client certificate) is the private key. Server certificates can be in either PKCS12 (*.P12/*.PFX) or *.PEM format.

The next table summarizes when an access point needs to have a CA certificate and/or a server certificate installed on it.

Table 57. Access Points and Certificates

| Access Point | CA Certificate Needed | Server Certificate Needed |
|---|---|---|
| If you want to use the secure web browser (HTTPS) on this access point | No | Yes |
| If this access point is an authentication server in your 802.1x-enabled network | Yes | Yes |
| If this access point is a supplicant EAP-TTLS client | Yes | No |
| If this access point is a supplicant EAP-TLS client | Yes | Yes |
| If this access point is a backup RADIUS server | No | Yes |
| If the child access point is using SWAP and is an authenticator access point | No | No |

Your access point comes from the factory with a unique server certificate with a unique common name and passphrase. It also comes with a trusted CA certificate that supports clients running the TLS authentication type.

These certificates support the secure web browser interface and provide basic security for all authentication types.
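A pre-installation check built from the file rules and Table 57 above, as an added example that is not part of the manual: given a role, it reports a missing or malformed CA or server PEM file before anything is loaded onto the access point. The role names, the reading of "2Kb" as 2048 bytes, and the single-file server PEM are assumptions; only PEM text is handled, not *.CER or PKCS12 files.

```python
import base64
import re

# Assumptions: "2Kb" means 2048 bytes; a server PEM holds certificate and key together.
MAX_CA_BUNDLE_BYTES = 2048
# Constructed sample: a 5-byte DER SEQUENCE in PEM armor, not a real certificate.
SAMPLE_CA = "-----BEGIN CERTIFICATE-----\nMAMCAQE=\n-----END CERTIFICATE-----\n"
# Table 57 as role: (CA certificate needed, server certificate needed); role names are made up.
REQUIRED = {
    "https": (False, True),
    "auth_server": (True, True),
    "supplicant_eap_ttls": (True, False),
    "supplicant_eap_tls": (True, True),
    "backup_radius": (False, True),
    "swap_child_authenticator": (False, False),
}
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.S)

def pem_labels(text):
    """Return each PEM block's label; certificate payloads must decode to DER."""
    labels = []
    for label, body in PEM_BLOCK.findall(text):
        if label == "CERTIFICATE":  # key blocks may be passphrase-encrypted, so skip them
            der = base64.b64decode("".join(body.split()), validate=True)
            if not der.startswith(b"\x30"):
                raise ValueError("certificate payload is not a DER SEQUENCE")
        labels.append(label)
    return labels

def preflight(role, ca_pem=None, server_pem=None):
    """List what would stop this role from working; an empty list means OK."""
    need_ca, need_server = REQUIRED[role]
    problems = []
    if need_ca and ca_pem is None:
        problems.append("CA certificate required but not supplied")
    elif need_ca:
        labels = pem_labels(ca_pem)
        if "CERTIFICATE" not in labels:
            problems.append("CA file contains no certificate")
        if any(l.endswith("PRIVATE KEY") for l in labels):
            problems.append("CA file must not carry a private key")
        if len(ca_pem.encode()) > MAX_CA_BUNDLE_BYTES:
            problems.append("CA file exceeds the 2Kb limit")
    if need_server and server_pem is None:
        problems.append("server certificate required but not supplied")
    elif need_server:
        labels = pem_labels(server_pem)
        if "CERTIFICATE" not in labels or not any(l.endswith("PRIVATE KEY") for l in labels):
            problems.append("server PEM must hold both certificate and private key")
    return problems
```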

Allied Telesyn can provide the service of acting as a certificate authority and can issue certificates. For more information, contact your local ATI

Allied Telesis AT-WA7500, AT-WA7501 manual About Certificates, Server