1.Open the PKCS#7 object file with an ASCII text editor such as Notepad or vi.

2.Enter the crypto certificate command on the CLI command line.

3.When MSS prompts you for the PEM-formatted certificate, paste the PKCS#7 object file onto the command line.

The switch verifies the validity of the public key associated with this certificate before installing it, to prevent a mismatch between the switch’s private key and the public key in the installed certificate.

Examples: The following command installs a certificate:

DWS-1008# crypto certificate admin Enter PEM-encoded certificate

-----BEGIN CERTIFICATE-----

MIIBdTCP3wIBADA2MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQOEx GjAYBgNVBAMU EXR1Y2hwdWJzQHRycHouY29tMIGfMAOGCSqGSIb3DQ EBAQAA4GNADCBiQKBgQC4 .....

2L8Q9tk+G2As84QYLm8wmVY>xP56M;CUAm908C2foYgOY40=

-----END CERTIFICATE-----

See Also:

crypto generate request

crypto generate self-signed

crypto generate key

Generates an RSA public-private encryption key pair that is required for a Certificate Signing Request (CSR) or a self-signed certificate. For SSH, generates an authentication key.

Syntax: crypto generate key {admin eap ssh web} {128 512 1024 2048}

admin

Generates an administrative key pair for authenticating the switch to or

 

Web View.

eap

Generates an EAP key pair for authenticating the switch to 802.1X supplicants

 

(clients).

ssh

Generates a key pair for authenticating the switch to Secure Shell (SSH)

 

clients.

web

Generates an administrative key pair for authenticating the switch to WebAAA

 

clients.

D-Link DWS-1008 CLI Manual

217

Page 220
Image 220
D-Link dws-1008 manual Crypto generate key, Ssh