578 Chapter 11 Managing certificates

/cfg/cert <cert ID> followed by:

gensigned

Generates a certificate that is signed using the private

serverclient

key associated with the currently selected certificate.

 

You are prompted to provide the following parameters:

 

<country> <state or province> <locality>

 

<organization> <organizational unit> <common name>

 

<e-mail address> <validity period> <key size> <CA cert

 

truefalse> <serial number> <pass phrase>

 

• server — generates a signed server certificate

 

provided with key use options that are appropriate

 

for server usage. Set the CA cert value to true if

 

you plan to issue your own chained server

 

certificates, generating them from the currently

 

generated server certificate.The CA cert value you

 

specify when generating a certificate translates into

 

the X509v3 Basic Constraints property in the

 

generated certificate. To view the properties of a

 

certificate available on the Nortel SNAS 4050, use

 

the /cfg/cert #/show command.

 

• client — not supported in Nortel Secure Network

 

Access Switch Software Release 1.0.

 

 

request

Generates a certificate signing request. For more

 

information, see “Generating and submitting a CSR

 

using the CLI” on page 579.

 

 

sign

Signs a CSR by using the private key associated with

 

the currently selected certificate. You are prompted to

 

paste in the contents of a CSR.

 

Client certificates are not supported in Nortel Secure

 

Network Access Switch Software Release 1.0.

 

 

test

Generates a self-signed certificate and private key for

 

testing purposes. For more information, see

 

“Generating a test certificate using the CLI” on

 

page 596.

 

 

import

Installs a private key and certificate by downloading it

 

from a TFTP/FTP/SCP/SFTP server. For more

 

information, see “Importing certificates and keys into

 

the Nortel SNAS 4050 using the CLI” on page 588.

 

 

export

Exports the current key and certificate to a TFTP/FTP/

 

SCP/SFTP server in a format you specify. For more

 

information, see “Exporting a certificate and key from

 

the Nortel SNAS 4050 using the CLI” on page 594.

 

 

320818-A

Page 578
Image 578
Nortel Networks 4050 manual cfg/cert #/show command