258
DWS-1008 User’s Manual
D-Link Systems, Inc.
Managing Keys and Certificates
The Admin, EAP, and WebAAA certificates can be generated by the switch (self-signed) or
generated and signed by a CA. If they are signed by a CA, the CA’s own certificate is also
required.
PKCS #7, PKCS #10, and PKCS #12 Object Files
Public-Key Cryptography Standards (PKCS) are encryption interface standards created by
RSA Data Security, Inc., that provide a file format for transferring data and cryptographic
information. D-Link supports the PKCS object files listed in PKCS Object Files Supported by
D-link.
PKCS Object Files Supported by D-link
File Type Standard
Purpose
PKCS #7 Cryptographic
Message
Syntax
Standard
Contains a digital certificate signed by a
CA.
To install the certificate from a PKCS #7
file, use the
crypto certificate
command to
prepare MSS to receive the certificate, then
copy and paste the certificate into the CLI.
A PKCS #7 file does not contain the public
key to go with the certificate. Before you
generate the CSR and instal the certificate,
you must generate the public-private
key pair using the
crypto generate key
command.
PKCS #10 Certification
Request Syntax
Standard
Contains a Certificate Signing Request
(CSR), a special file with encoded
information needed to request a digital
certificate from a CA.
To generate the request, use the
crypto
generate request
command. Copy and
paste the results directly into a browser
window on the CA server, or into a file to
send to the CA server.