Managing certificate authority (ca) certificates, Importing a ca certificate – Brocade Mobility 5181 Access Point Product Reference Guide (Supporting software release 4.4.0.0) User Manual


53-1002516-01


6. If you are near the capacity of 8 allowed IP addresses or an address becomes obsolete, consider selecting an existing address and click the Delete button to remove an address.

7. Click Apply to save any changes to the Access screen’s Trusted Host configuration. Navigating away from the screen without clicking Apply results in all changes to the screen being lost.

8. Click Undo Changes (if necessary) to undo any changes made. Undo Changes reverts the Trusted Host settings within the Access screen to the last saved configuration.

9. Click Logout to securely exit the Mobility 5181 Access Point applet. A prompt displays confirming the logout before the applet is closed.

Managing Certificate Authority (CA) certificates

Certificate management includes the following sections:

Importing a CA certificate

Creating self certificates for accessing the VPN

Apache certificate management

Importing a CA certificate

A certificate authority (CA) is a network authority that issues and manages security credentials and
public keys for message encryption. The CA signs all digital certificates that it issues with its own
private key. The corresponding public key is contained within a certificate called the CA
certificate. A browser must hold this CA certificate in its Trusted Root Library so that it can trust
certificates signed with the CA's private key.

Depending on the public key infrastructure, the digital certificate includes the owner's public key,
the certificate expiration date, the owner's name and other public key owner information.

The Mobility 5181 Access Point can import and maintain a set of CA certificates to use as an
authentication option for Virtual Private Network (VPN) access. To use the certificate for a VPN
tunnel, define a tunnel and select the IKE settings to use either RSA or DES certificates. For
additional information on configuring VPN tunnels, see “Configuring VPN tunnels” on page 151.

CAUTION

Loaded and signed CA certificates will be lost when changing the access point’s firmware version
using either the GUI or CLI. After a certificate has been successfully loaded, export it to a secure
location to ensure its availability after a firmware update.
If restoring the access point’s factory default firmware, you must export the certificate file
BEFORE restoring the access point’s factory default configuration. Import the file back after the
updated firmware is installed.

Refer to your network administrator to obtain a CA certificate to import into the Mobility 5181
Access Point.
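
The caution above depends on the exported copy being complete when it is imported back. The following is an added example, not part of the Brocade guide or the access point software: it records SHA-256 fingerprints after a successful load and checks an exported file against them before a firmware change. It assumes the exported file is PEM-encoded; the function names and the sample data are constructed for illustration.

```python
import base64
import hashlib
import re

# One match per certificate; tolerates CRLF endings and text around the markers.
PEM_CERT = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def fingerprints(pem_text):
    """SHA-256 fingerprint (hex) of every complete certificate in pem_text."""
    out = []
    for body in PEM_CERT.findall(pem_text):
        # Hash the decoded DER bytes so that re-wrapped lines or CRLF endings
        # in the exported copy do not change the result. Corrupt base64 raises.
        der = base64.b64decode("".join(body.split()), validate=True)
        out.append(hashlib.sha256(der).hexdigest())
    return out


def check_backup(recorded, exported_pem):
    """Return (missing, unexpected) for an export checked against the
    fingerprints recorded before the firmware change."""
    found = fingerprints(exported_pem)
    missing = [fp for fp in recorded if fp not in found]
    unexpected = [fp for fp in found if fp not in recorded]
    return missing, unexpected


def make_pem(der, width=64, eol="\n"):
    """Wrap bytes as a PEM block (used only to build the sample input)."""
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + width] for i in range(0, len(b64), width)]
    return eol.join(["-----BEGIN CERTIFICATE-----", *lines,
                     "-----END CERTIFICATE-----", ""])


# Constructed sample input: placeholder bytes, not real certificates.
SAMPLE_A = b"constructed placeholder certificate A " * 6
SAMPLE_B = b"constructed placeholder certificate B " * 6
BUNDLE = make_pem(SAMPLE_A) + make_pem(SAMPLE_B)

if __name__ == "__main__":
    recorded = fingerprints(BUNDLE)              # taken after a successful load
    exported = make_pem(SAMPLE_A, 76, "\r\n")    # export that lost the second CA
    missing, unexpected = check_backup(recorded, exported)
    print("missing:", missing)
    print("unexpected:", unexpected)
```

A non-empty `missing` list means the export does not contain every certificate that was loaded, so the export should be repeated before the firmware is changed.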
