Inheritance fundamentally allows chains over multiple stages (cas-
cading). This means, for example, that country and device-specific
parameters can be grouped for convenience.
Recursion is also possible—profile A inherits from profile B, and at
the same time B inherits from A. However, the parameters available
for inheritance are limited to one "inheritance direction" per parame-
ter.
4.3.4
Backing up the certificates
At system startup, a LANCOM WLAN Controller generates the basic certifi-
cates for the assignment of certificates to the Access Points, including the root
certificates for the CA (Certification Authority) and the RA (Registration
Authority). Based on these two certificates, the WLAN Controller issues device
certificates for the Access Points.
If multiple WLAN Controllers are employed in parallel in the same WLAN infra-
structure (for load balancing) or if a device is being replaced or reconfigured,
the same root certificates should always be used to avoid problems operating
the managed Access Points.
Create backups of the certificates
To restore the CA or RA, the relevant root certificates with private keys will be
required as generated automatically when the LANCOM WLAN Controller was
started. Furthermore the following files with information on issued device cer-
tificates should also be backed up ('Backing up and restoring further files from
the SCEP-CA'
remains protected even when exported from the device, it is initially stored to
a password-protected PCKS12 container.
Open the configuration of the LANCOM WLAN Controller with WEBconfig
under Expert configuration
CA certificates.
Select the command Create PKCS12 backup files and enter the pass-
phrase for the PKCS12 container as the additional argument.
LANCOM WLC-4006 - LANCOM WLC-4025
Chapter 4: Configuring the WLAN Controller
→
Page 67). To ensure that this confidential information
Setup
Certificates
SCEP- CA
65