352CHAPTER 9: MANAGING CERTIFICATES

Distributing PKCS You can use 3WXM to distribute PKCS #12 files to one or more WX

#12 Filesswitches. After you select the file to distribute, you must enter the PKCS #12 password that was used to generate the certificate. You must also select whether the file is to be installed for administrative, 802.1X, or WebAAA purposes. You can then download the PKCS #12 file to the WX switches. The password allows the public-private key pair and the certificate to be installed together from the same file. The password is removed after the PKCS #12 file is installed.

Although you can distribute one PKCS #12 file to many WX switches, as a best practice, you should install a unique certificate and key pair per WX.

To distribute a PKCS #12 file

1Select Manage > Distribute Certificates. The Distribute PKCS12 Certificate Files dialog box appears.

2In the Mobility Domain Selection list, select a Mobility Domain.

3Select the WX or WX switches you want to distribute the PKCS #12 file to, or select None if the switches are not in a Mobility Domain.

4To select a file to distribute, click Select PKCS12 File.

5In the PKCS12 Password box, type the one-time password used to authenticate the PKCS12 file. The following characters cannot be used as part of the one-time password of a PKCS #12 file: quotation marks (“ ”), question mark (?), ampersand (&).

6In the Certificate Type list, select one of the following:

„EAP — To install an 802.1X/EAP certificate

„Web — To install a WebAAA certificate

„Admin — To install an administrative certificate

7Click Start Download. Download progress appears in the Status column.

When the download process is complete, you see a message indicating that the certificate was installed.

Page 352
Image 352
HP Manager Software manual Managing Certificates