479Nortel WLAN—Security Switch 2300 Series Command Line ReferenceCryptography CommandsA digital certificate is a form of electronic identification for computers. The WSS requires digital certificates to authen-ticate its communications to WLAN Management Software and Web View, to Web-based AAA clients, and toExtensible Authentication Protocol (EAP) clients for which the WSS performs all EAP processing. Certificates can begenerated on the WSS or obtained from a certificate authority (CA). Keys contained within the certificates allow theWSS, its servers, and its wireless clients to exchange information secured by encryption.This chapter presents cryptography commands alphabetically. Use the following table to locate commands in thischapter based on their use.Note. If the switch does not already have certificates, WSS Software automaticallygenerates the missing ones the first time you boot using WSS Software Version 4.1 or later.You do not need to install certificates unless you want to replace the ones automaticallygenerated by WSS Software. (For more information, see the “Certificates AutomaticallyGenerated by WSS Software” section in the “Managing Keys and Certificates” chapter of theNortel WLAN Security Switch 2300 Series Configuration Guide.)Note. Before installing a new certificate, verify with the show timedate and showtimezone commands that the WSS is set to the correct date, time, and time zone.Otherwise, certificates might not be installed correctly.Encryption Keys crypto generate key on page 472show crypto key domain on page 481show crypto key ssh on page 481PKCS #7 Certificates crypto generate request on page 473crypto ca-certificate on page 470show crypto ca-certificate on page 479crypto certificate on page 471show crypto certificate on page 480PKCS #12 Certificate crypto otp on page 476crypto pkcs12 on page 477Self-Signed Certificate crypto generate self-signed on page 475