572 CHAPTER 15: CRYPTOGRAPHY COMMANDS
crypto pkcs12 Unpacks a PKCS #12 object file into the certificate and key storage area
on the WX switch. This object file contains a public-private key pair, an
WX certificate signed by a certificate authority, and the certificate
authority’s certificate.
Syntax —
crypto pkcs12 {admin | eap | web} file-location-url
admin — Unpacks a PKCS #12 object file for an administrative
certificate and key pair — and optionally the certificate authority’s
own certificate — for authenticating the WX switch to 3WXM or Web
Manager.
eap — Unpacks a PKCS #12 object file for an EAP certificate and key
pair — and optionally the certificate authority’s own certificate — for
authenticating the WX switch to 802.1X supplicants (clients).
web — Unpacks a PKCS #12 object file for a WebAAA certificate and
key pair — and optionally the certificate authority’s own certificate —
for authenticating the WX switch to WebAAA clients.
file-location-url — Location of the PKCS #12 object file to be
installed. Specify a location of between 1 and 128 alphanumeric
characters, with no spaces.
Defaults — The password you enter with the crypto otp command
must be the same as the one protecting the PKCS #12 file.
Access — Enabled.
History —Introduced in MSS Version 3.0. Webaaa option renamed to
web in MSS Version 4.1.
Usage — To use this command, you must have already created a
one-time password with the crypto otp command.
You must also have the PKCS #12 object file available. You can download
a PKCS #12 object file via TFTP from a remote location to the local
nonvolatile storage system on the WX switch.