384Managing Keys and Certificates

Digital Certificates

Digital certificates bind the identity of network users and devices to a public key. Network users must authenticate their identity to those with whom they communicate, and must be able to verify the identity of other users and network devices, such as switches and RADIUS servers.

The Nortel Mobility System supports the following types of X.509 digital certificates:

Administrative certificate—Used by the WSS to authenticate itself to WLAN Management Software or Web View.

EAP certificate—Used by the WSS to authenticate itself to EAP clients.

Web-based AAA certificate—Used by the WSS to authenticate itself to Web-based AAA clients, who use a web page served by an WSS switch to log onto the network.

Certificate authority (CA) certificates—Used by the WSS in addition to the certificates listed above, when those certificates are from the CA.

The Admin, EAP, and Web-based AAA certificates can be generated by the WSS (self-signed) or generated and signed by a CA. If they are signed by a CA, the CA’s own certificate is also required.

320657-A

Page 384
Image 384
Nortel Networks 2300 manual Digital Certificates