Managing Crypto Cmp Certificates - Motorola WiNG 5.7.1 System Reference Manual

12 - 10 WiNG 5.7.1 Access Point System Reference Guide
Fallback

12.1.3 Managing Crypto CMP Certificates

Managing Firmware and Configuration Files
Certificate Management Protocol (CMP) is an Internet protocol to obtain and manage digital certificates in a Public Key
Infrastructure (PKI) network. A Certificate Authority (CA) issues the certificates using the defined CMP.
Using CMP, a device can communicate to a CMP supported CA server, initiate a certificate request and download the required
certificates from the CA server. CMP supports multiple request options through for device communicating to a CMP supported
CA server. The device can initiate a request for getting the certificates from the server. It can also auto update the certificates
which are about to expire.
The CMP client on the controller, service platform or access point triggers a request for the configured CMS CA server. Once
the certificate is validated and confirmed from the CA server it is saved on the device and becomes part of the trustpoint. During
the creation of the CMP policy the trustpoint is assigned a name and client information. An administrator can use a manually
created trustpoint for one service (like HTTPs) and use the CMP generated trustpoint for RADIUS EAP certificate based
authentication.
Use the Crypto CMP Certificate
Use the Crypto Certificate Renewal screen to view and if required, trigger certificate renewal for CMP certificates.
5. Refer to the following for more information on Crypto CMP Certificates:
Hostname
MAC Address
Trust Point Name
Displays the status of Fallback. Displays Enabled or Disabled.
menu item to manage these certificates.
Figure 12-12 Crypto CMP Certificate Management screen
Lists the administrator assigned hostname of the CMP resource requesting a certificate
renewal from the CMP CA server.
Lists the hardware encoded MAC address of the CMP server resource.
Lists the 32 character maximum name assigned to the target trustpoint. A trustpoint represents
a CA/identity pair containing the identity of the CA, CA specific configuration parameters, and
an association with an enrolled identity certificate.