Generating an enrollment request, Ained in “generating an – Allied Telesis AT-S63 User Manual

AT-S63 Management Software Menus User’s Guide

Section IX: Management Security

623

Generating an Enrollment Request

To request a certificate from a CA, you must generate an enrollment
request. The request contains the public key for the certificate, a
distinguished name, and other information. The request is stored as a file
with a “.csr” extension in the AT-S63 file system and must be uploaded
onto your management station or TFTP server for submission to the CA.



This procedure prompts you for the ID number of the encryption key
pair to be used to create the enrollment request. If you have forgotten
the ID number, refer to “Displaying the Encryption Keys” on page 604
to view key ID numbers.



You must create the key pair before performing this procedure. For
instructions, refer to “Creating an Encryption Key” on page 592.



For a review of all the steps to creating an enrollment request and
downloading a certificate from a CA onto a switch, refer to “General
Steps for a Public or Private CA Certificate” on page 589.

To generate an enrollment request, perform the following procedure:

1. From the Main Menu, type 7 to select Security and Services.

2. From the Security and Services menu, type 7 to select Keys/

Certificates Configuration.

The Keys/Certificates Configuration menu is shown in Figure 220 on
page 592.

3. From the Keys/Certificates Configuration menu, type 1 to select Switch

Distinguished Name (DN).

The following prompt is displayed:

Enter new DN (128 chars max) ->

4. Enter a name. An enrollment request must have a distinguished name.

5. Type 3 to select Public Key Infrastructure (PKI) Configuration.

The Public Key Infrastructure (PKI) Configuration menu is shown in
Figure 226 on page 609.

6. From the Public Key Infrastructure (PKI) Configuration menu, type 3 to

select Generate Enrollment Request.