Cryptography Commands 487

 

 

one-time-password

Password of at least 1 alphanumeric character, with no spaces, for

 

 

clients other than Microsoft Windows clients. The password must

 

 

be the same as the password protecting the PKCS #12 object file.

 

 

Note: On a WSS that handles communications to and from

 

 

Microsoft Windows clients, use a one-time password of

 

 

31 characters or fewer.

 

 

The following characters cannot be used as part of the one-time

 

 

password of a PKCS #12 file:

 

 

• Quotation marks (“ ”)

 

 

Question mark (?)

 

 

Ampersand (&)

Defaults

None.

 

 

Access

Enabled.

 

 

History

 

 

 

Version 4.1

webaaa option renamed to web

Usage The password allows the public-private key pair and certificate to be installed together from the same PKCS #12 object file. WSS Software erases the one-time password after processing the crypto pkcs12 command or when you reboot the WSS.

Nortel recommends that you create a password that is memorable to you but is not subject to easy guesses or a dictionary attack. For best results, create a password of alphanumeric uppercase and lowercase characters.

Examples The following command creates the one-time password hap9iN#ss for installing an EAP certificate and key pair:

WSS# crypto generate otp eap hap9iN#ss

OTP set

See Also crypto pkcs12 on page 477

crypto pkcs12

Unpacks a PKCS #12 object file into the certificate and key storage area on the WSS. This object file contains a public- private key pair, a WSS certificate signed by a certificate authority, and the certificate authority’s certificate.

Syntax crypto pkcs12 {admin eap web} file-location-url

admin

Unpacks a PKCS #12 object file for an administrative certificate

 

and key pair—and optionally the certificate authority’s own

 

certificate—for authenticating the WSS to WLAN Management

 

Software or Web View.

eap

Unpacks a PKCS #12 object file for an EAP certificate and key

 

pair—and optionally the certificate authority’s own certificate—for

 

authenticating the WSS to 802.1X supplicants (clients).

Nortel WLAN—Security Switch 2300 Series Command Line Reference

Page 487
Image 487
Nortel Networks 2300 Series manual Crypto pkcs12, See Also crypto pkcs12 on, WSS# crypto generate otp eap hap9iN#ss