Installing A Key Pair And Certificate From A Pkcs #12 Object File - Nortel 2300 Series Configuration Manual

390 Managing Keys and Certificates

Installing a Key Pair and Certificate from a PKCS #12 Object File

PKCS object files provide a file format for storing and transferring storing data and cryptographic information. (For
more information, see "PKCS #7, PKCS #10, and PKCS #12 Object Files" on page
you obtain from a CA, includes the private key, a certificate, and optionally the CA's own certificate.
After transferring the PKCS #12 file from the CA through FTP and generating a one-time password to unlock it, you
store the file in the WSS switch's certificate and key store. To set and store a PKCS #12 object file, follow these steps:
1
Copy the PKCS #12 object file to nonvolatile storage on the WSS. Use the following command:
copy tftp://filename local-filename
2
Enter a one-time password (OTP) to unlock the PKCS #12 object file. The password must be the same as
the password protecting the PKCS #12 file.
The password must contain at least 1 alphanumeric character, with no spaces, and must not include the
following characters:
●
Quotation marks ("")
●
Question mark (?)
●
Ampersand (&)
Note.
clients, use a one-time password of 31 characters or fewer.
To enter the one-time password, use the following command:
crypto otp {admin | eap | webaaa} one-time-password
3
Unpack the PKCS #12 object file into the certificate and key storage area on the WSS switch. Use the
following command:
crypto pkcs12 {admin | eap | webaaa} filename
The filename is the location of the file on the WSS switch.
Note.
command when you enter the crypto pkcs12 command.
320657-A
On an WSS that handles communications to or from Microsoft Windows
WSS Software erases the OTP password entered with the crypto otp
385.) A PKCS #12 object file, which