Managing private keys and certificates 319
To view basic information about all configured certificates, use
the /info/certs command.
2Export the certificate. Enter the following command:
/cfg/cert #/export
You are prompted to enter the certificate and key export
information. The file is exported as soon as you have provided
all the required information. Table 56 "Certificate and key export
information" (page 319) explains the required parameters.
Table 56
Certificate and key export information
Parameter Description
Protocol Thefile export protocol. The options are TFTP,
FTP, SCP, SFTP. The default is TFTP.
Server host name
or IP address The host name or IP address of the file
exchange server.
Export format The key and certificate format in which you
want to export the key and certificate. Valid
options are:
PEM
DER
NET
PKCS12 (also known as PFX)
The PEM and PKCS12 formats always combine
the private key and certificate in the same file.
Nortel recommends using the PKCS12
format. Most web browsers accept importing a
combined key and certificate file in the PKCS12
format.
The formats have different capabilities
regarding private key encryption and the ability
to save the key and certificate in separate files.
For more information about the formats, see
“Key and certificate formats” (page 298).
Export pass
phrase The password phrase to encrypt the private
key. The password phrase must be at least four
characters in length.
Reconfirm export
pass phrase Re-enter the password phrase for confirmation.
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007,2008 NortelNetworks
.