3Com Wireless LAN CSR Creation
Before you can generate a Certificate Signing Request (CSR) for your 3Com Wireless Lan Switch and Controller, you will need to create the private key from which your CSR can then in turn be created.
- Running the following command should elicit the response key pair generated and generate a 2048-bit private key.
- After you have finished creating your key, go ahead and run the following command to create a CSR for certificate signing. You will send the CSR to COMODO, and they will use it to generate the certificate that you will install to your device.
- You will then be prompted to enter information that will be included in your certificate by the certificate authority:
WX1200#crypto generate key web 2048
In the above example, "web" represents a certificate for web access so users can use a web page to log onto an unencrypted SSID. To create a certificate for "eap" (802.1X access for network users who can access SSIDs encryped by WEP or WPA, or users connecting with wired authentication ports) or "admin" access (through your 3Com Wireless Switch Manager or Web Manager), use those aliases in place of "web."
crypto generate request web
You will want to use same option (admin, eap, or web) as was used in creating the key, depending on the function for which your certificate is being generated.
- Country Name: US (find your 2 digit country code)
- State Name: NJ (your state or province)
- Locality Name: Clifton (usually the location of your main office, not necessarily your current location)
- Organizational Name: COMODO Inc (your company name)
- Organizational Unit: IT (your business unit)
- Common Name: www.example.com (the FQDN by which you will connect to your device, can also be an internal name)
- Email Address: email@example.com
- Unstructured Name: (leave blank, if possible, otherwise enter NA and continue)
If completed successfully, you will be provided with an encrypted text file called a CSR. You will copy and paste the entire body of this file to COMODO when requesting your certificate.
Once you have received your certificate files back from COMODO, you will need to install them to the same key from which they were generated.
Once again, if you did not use "web" when creating your CSR and key, you will not use "web" here, instead use "eap" or "admin."
crypto ca-certificate web
One last time, you will substitute "web" for "eap" or "admin" if that is what you have been doing.
The 3Com Wireless Lan Switch will not allow for the installing of multiple intermediate certificate files. If you were provided with multiple intermediate certificates, this is usually for additional ubiquity purposes and should not impact your clients or connection issues in almost all cases. Although ideally all intermediate files would be installed, that is not possible and fortunately it is not necessary.